From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Ahern Subject: [PATCH net-next] rtnetlink: Move ifm in valid_fdb_dump_legacy to closer to use Date: Mon, 8 Oct 2018 13:57:24 -0700 Message-ID: <20181008205724.13030-1-dsahern@kernel.org> Cc: David Ahern To: netdev@vger.kernel.org Return-path: Received: from mail.kernel.org ([198.145.29.99]:33946 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725749AbeJIELG (ORCPT ); Tue, 9 Oct 2018 00:11:06 -0400 Sender: netdev-owner@vger.kernel.org List-ID: From: David Ahern Move setting of local variable ifm to after the message parsing in valid_fdb_dump_legacy. Avoid potential future use of unchecked variable. Fixes: 8dfbda19a21b ("rtnetlink: Move input checking for rtnl_fdb_dump to helper") Reported-by: Christian Brauner Signed-off-by: David Ahern --- net/core/rtnetlink.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index 6406e26171ff..46328a10034a 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -3857,7 +3857,6 @@ static int valid_fdb_dump_legacy(const struct nlmsghdr *nlh, int *br_idx, int *brport_idx, struct netlink_ext_ack *extack) { - struct ifinfomsg *ifm = nlmsg_data(nlh); struct nlattr *tb[IFLA_MAX+1]; int err; @@ -3871,6 +3870,8 @@ static int valid_fdb_dump_legacy(const struct nlmsghdr *nlh, if (nlmsg_len(nlh) != sizeof(struct ndmsg) && (nlmsg_len(nlh) != sizeof(struct ndmsg) + nla_attr_size(sizeof(u32)))) { + struct ifinfomsg *ifm; + err = nlmsg_parse(nlh, sizeof(struct ifinfomsg), tb, IFLA_MAX, ifla_policy, extack); if (err < 0) { @@ -3880,6 +3881,7 @@ static int valid_fdb_dump_legacy(const struct nlmsghdr *nlh, *br_idx = nla_get_u32(tb[IFLA_MASTER]); } + ifm = nlmsg_data(nlh); *brport_idx = ifm->ifi_index; } return 0; -- 2.11.0