From mboxrd@z Thu Jan 1 00:00:00 1970 From: Eric Dumazet Subject: Re: [PATCH net-next] net: metrics: add proper netlink validation Date: Mon, 4 Jun 2018 22:48:30 -0700 Message-ID: <218c664f-b79c-aca3-5665-eaf11d8c2be7@gmail.com> References: <20180604234601.261823-1-edumazet@google.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Cc: netdev , Eric Dumazet , David Ahern To: Eric Dumazet , "David S . Miller" Return-path: Received: from mail-pg0-f67.google.com ([74.125.83.67]:40472 "EHLO mail-pg0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751709AbeFEFsd (ORCPT ); Tue, 5 Jun 2018 01:48:33 -0400 Received: by mail-pg0-f67.google.com with SMTP id l2-v6so613360pgc.7 for ; Mon, 04 Jun 2018 22:48:33 -0700 (PDT) In-Reply-To: <20180604234601.261823-1-edumazet@google.com> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: On 06/04/2018 04:46 PM, Eric Dumazet wrote: > Before using nla_get_u32(), better make sure the attribute > is of the proper size. > > > Fixes: a919525ad832 ("net: Move fib_convert_metrics to metrics file") > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") > Signed-off-by: Eric Dumazet > Reported-by: syzbot > Cc: David Ahern > --- > net/ipv4/fib_semantics.c | 2 ++ > net/ipv4/metrics.c | 2 ++ > 2 files changed, 4 insertions(+) > > diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c > index 6608db23f54b6afdac0455650b47d64b1b22b255..9a890be8a0265edb78da225a82e2cac120f2150f 100644 > --- a/net/ipv4/fib_semantics.c > +++ b/net/ipv4/fib_semantics.c > @@ -717,6 +717,8 @@ bool fib_metrics_match(struct fib_config *cfg, struct fib_info *fi) > nla_strlcpy(tmp, nla, sizeof(tmp)); > val = tcp_ca_get_key_by_name(fi->fib_net, tmp, &ecn_ca); > } else { > + if (nla_len(nla) != sizeof(u32) Oh well, stupid typo. > + return false; > val = nla_get_u32(nla); I will send a V2.
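
Review bot: In the fib_metrics_match() hunk, the added condition "if (nla_len(nla) != sizeof(u32)" is missing its closing parenthesis, so net/ipv4/fib_semantics.c will not compile as posted; it should read "if (nla_len(nla) != sizeof(u32))". The placement is right: the length test sits in the else branch directly before nla_get_u32(nla), and the other branch copies through nla_strlcpy(tmp, nla, sizeof(tmp)), which is bounded by the destination buffer. Returning false here makes a wrongly sized attribute indistinguishable from an ordinary metrics mismatch, which is worth stating in the commit message. The diffstat also lists two added lines in net/ipv4/metrics.c whose hunk is not quoted in this reply, so V2 should be checked for the same length test before nla_get_u32() there.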