From: David Ahern
Subject: Re: [PATCH v2 net-next 11/23] rtnetlink: Update rtnl_stats_dump for strict data checking
Date: Mon, 8 Oct 2018 07:25:34 -0600
To: Christian Brauner, David Ahern
Cc: netdev@vger.kernel.org, davem@davemloft.net, jbenc@redhat.com, stephen@networkplumber.org

On 10/8/18 4:17 AM, Christian Brauner wrote:
>> @@ -4696,13 +4697,32 @@ static int rtnl_stats_dump(struct sk_buff *skb, struct netlink_callback *cb) >> >> cb->seq = net->dev_base_seq; >> >> - if (nlmsg_len(cb->nlh) < sizeof(*ifsm)) >> + if (nlmsg_len(cb->nlh) < sizeof(*ifsm)) { >> + NL_SET_ERR_MSG(extack, "Invalid header for stats dump"); >> return -EINVAL; >> + } >> >> ifsm = nlmsg_data(cb->nlh); >> + >> + /* only requests using NLM_F_DUMP_PROPER_HDR can pass data to
>
> That looks like an accidental leftover before we changed this to a
> socket option. :)
>

ugh. thanks for noticing.
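Review bot: the new comment added after `ifsm = nlmsg_data(cb->nlh);` still names NLM_F_DUMP_PROPER_HDR, which the quoted reply identifies as a leftover from before this was changed to a socket option. Reword the comment so it describes the socket option rather than the flag; otherwise a reader of rtnl_stats_dump() will look for a netlink flag that the comment implies gates the strict header check. The quoted hunk is cut off partway through that comment, so the checks that follow it are not visible here and cannot be reviewed from this message.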