mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-02 07:04:24 +00:00
Code Issues Releases Wiki Activity

net: limit altnames to 64k total

Browse source 
[ Upstream commit 155fb43b70 ]

Property list (altname is a link "property") is wrapped
in a nlattr. nlattrs length is 16bit so practically
speaking the list of properties can't be longer than
that, otherwise user space would have to interpret
broken netlink messages.

Prevent the problem from occurring by checking the length
of the property list before adding new entries.

Reported-by: George Shuklin <george.shuklin@gmail.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Jakub Kicinski 2022-03-09 10:29:14 -08:00 committed by Greg Kroah-Hartman
parent 3d99d84d00
commit b07caa540b
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
net/core/rtnetlink.c
View file

@ -3652,12 +3652,23 @@ static int rtnl_alt_ifname(int cmd, struct net_device *dev, struct nlattr *attr,
bool *changed, struct netlink_ext_ack *extack)
{
char *alt_ifname;
size_t size;
int err;
err = nla_validate(attr, attr->nla_len, IFLA_MAX, ifla_policy, extack);
if (err)
return err;
if (cmd == RTM_NEWLINKPROP) {
size = rtnl_prop_list_size(dev);
size += nla_total_size(ALTIFNAMSIZ);
if (size >= U16_MAX) {
NL_SET_ERR_MSG(extack,
"effective property list too long");
return -EINVAL;
}
}
alt_ifname = nla_strdup(attr, GFP_KERNEL_ACCOUNT);
if (!alt_ifname)
return -ENOMEM;