The commit is pushed to "branch-rh7-3.10.0-1160.6.1.vz7.171.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git after rh7-3.10.0-1160.6.1.vz7.171.1 ------> commit 0d918ae4b9d36889e855e61a380b21ce37b34b48 Author: Jozsef Kadlecsik <kad...@blackhole.kfki.hu> Date: Thu Dec 3 12:21:18 2020 +0300
ms/netfilter: ipset: Fix the last missing check of nla_parse_deprecated() In dump_init() the outdated comment was incorrect and we had a missing validation check of nla_parse_deprecated(). Signed-off-by: Jozsef Kadlecsik <kad...@blackhole.kfki.hu> (cherry-picked from commit 13c6ba1f855415cf3b9c58ea926ae8858050ec1c) VvS: replaced original nla_parse_deprecated() by nla_parse() https://jira.sw.ru/browse/PSBM-122965 Signed-off-by: Vasily Averin <v...@virtuozzo.com> --- net/netfilter/ipset/ip_set_core.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index d5344e5..0a53827 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c @@ -1292,10 +1292,12 @@ dump_init(struct netlink_callback *cb, struct ip_set_net *inst) struct nlattr *attr = (void *)nlh + min_len; u32 dump_type; ip_set_id_t index; + int ret; - /* Second pass, so parser can't fail */ - nla_parse(cda, IPSET_ATTR_CMD_MAX, + ret = nla_parse(cda, IPSET_ATTR_CMD_MAX, attr, nlh->nlmsg_len - min_len, ip_set_setname_policy); + if (ret) + return ret; cb->args[IPSET_CB_PROTO] = nla_get_u8(cda[IPSET_ATTR_PROTOCOL]); if (cda[IPSET_ATTR_SETNAME]) { _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel