p71924506
/
linux_old1
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

netfilter: nft_queue: check the validation of queues_total and queuenum 

Although the validation of queues_total and queuenum is checked in nft
utility, but user can add nft rules via nfnetlink, so it is necessary
to check the validation at the nft_queue expr init routine too.

Tested by run ./nft-test.py any/queue.t:
  any/queue.t: 6 unit tests, 0 error, 0 warning

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Liping Zhang 2016-09-06 22:33:37 +08:00 committed by Pablo Neira Ayuso
parent 1bcabc81ee
commit fe01111d23
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
net/netfilter/nft_queue.c
View File

@ -65,6 +65,7 @@ static int nft_queue_init(const struct nft_ctx *ctx,
const struct nlattr * const tb[])
{
struct nft_queue *priv = nft_expr_priv(expr);
u32 maxid;
if (tb[NFTA_QUEUE_NUM] == NULL)
return -EINVAL;
@ -74,6 +75,16 @@ static int nft_queue_init(const struct nft_ctx *ctx,
if (tb[NFTA_QUEUE_TOTAL] != NULL)
priv->queues_total = ntohs(nla_get_be16(tb[NFTA_QUEUE_TOTAL]));
else
priv->queues_total = 1;
if (priv->queues_total == 0)
return -EINVAL;
maxid = priv->queues_total - 1 + priv->queuenum;
if (maxid > U16_MAX)
return -ERANGE;
if (tb[NFTA_QUEUE_FLAGS] != NULL) {
priv->flags = ntohs(nla_get_be16(tb[NFTA_QUEUE_FLAGS]));
if (priv->flags & ~NFT_QUEUE_FLAG_MASK)