projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a220871)
netlink: revert broken, broken "2-clause nla_ok()"
authorAlexey Dobriyan <adobriyan@gmail.com>
Tue, 13 Dec 2016 19:30:15 +0000 (22:30 +0300)
committerDavid S. Miller <davem@davemloft.net>
Tue, 13 Dec 2016 19:54:44 +0000 (14:54 -0500)
Commit 4f7df337fe79bba1e4c2d525525d63b5ba186bbd
"netlink: 2-clause nla_ok()" is BROKEN.

First clause tests if "->nla_len" could even be accessed at all,
it can not possibly be omitted.

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/netlink.h patch | blob | blame | history

diff --git a/include/net/netlink.h b/include/net/netlink.h
index dd657a33f8c304455c99d83121fc743a86d13973..d3938f11ae52ee234ea0b4c4e3f7b2e37615601d 100644 (file)
--- a/include/net/netlink.h
+++ b/include/net/netlink.h
@@ -698,7 +698,8 @@ static inline int nla_len(const struct nlattr *nla)
  */
 static inline int nla_ok(const struct nlattr *nla, int remaining)
 {
-       return nla->nla_len >= sizeof(*nla) &&
+       return remaining >= (int) sizeof(*nla) &&
+              nla->nla_len >= sizeof(*nla) &&
               nla->nla_len <= remaining;
 }