* [nft RFC PATCH] mnl: Fix a potential buffer overflow
@ 2014-03-14 13:47 Yuxuan Shui
0 siblings, 0 replies; only message in thread
From: Yuxuan Shui @ 2014-03-14 13:47 UTC (permalink / raw)
To: netfilter-devel; +Cc: Yuxuan Shui
Use nft_set_elems_nlmsg_build_payload_check to prevent the buffer from
being overflowed.
---
src/mnl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/mnl.c b/src/mnl.c
index e825fb0..1dea2ed 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -709,7 +709,8 @@ int mnl_nft_setelem_add(struct mnl_socket *nf_sock, struct nft_set *nls,
nlh = nft_set_elem_nlmsg_build_hdr(buf, NFT_MSG_NEWSETELEM,
nft_set_attr_get_u32(nls, NFT_SET_ATTR_FAMILY),
NLM_F_CREATE | NLM_F_ACK | flags, seq);
- nft_set_elems_nlmsg_build_payload(nlh, nls);
+ if (!nft_set_elems_nlmsg_build_payload_check(nlh, MNL_SOCKET_BUFFER_SIZE, nls))
+ BUG("Too many elements in set.\n");
return mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
}
--
1.9.0
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2014-03-14 13:47 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-03-14 13:47 [nft RFC PATCH] mnl: Fix a potential buffer overflow Yuxuan Shui
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).