diff options
| author | Eelco Chaudron <echaudro@redhat.com> | 2025-05-06 17:28:54 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-05-18 09:21:20 +0300 |
| commit | bca8df998cce1fead8cbc69144862eadc2e34c87 (patch) | |
| tree | 2b933ab449d99159ab28f82861a5f11bcbf9a801 /net/openvswitch | |
| parent | 7f61da79df86fd140c7768e668ad846bfa7ec8e1 (diff) | |
| download | linux-bca8df998cce1fead8cbc69144862eadc2e34c87.tar.xz | |
openvswitch: Fix unsafe attribute parsing in output_userspace()
commit 6beb6835c1fbb3f676aebb51a5fee6b77fed9308 upstream.
This patch replaces the manual Netlink attribute iteration in
output_userspace() with nla_for_each_nested(), which ensures that only
well-formed attributes are processed.
Fixes: ccb1352e76cf ("net: Add Open vSwitch kernel components.")
Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
Acked-by: Ilya Maximets <i.maximets@ovn.org>
Acked-by: Aaron Conole <aconole@redhat.com>
Link: https://patch.msgid.link/0bd65949df61591d9171c0dc13e42cea8941da10.1746541734.git.echaudro@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'net/openvswitch')
| -rw-r--r-- | net/openvswitch/actions.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c index c517b24b3093..a87c25e06baf 100644 --- a/net/openvswitch/actions.c +++ b/net/openvswitch/actions.c @@ -954,8 +954,7 @@ static int output_userspace(struct datapath *dp, struct sk_buff *skb, upcall.cmd = OVS_PACKET_CMD_ACTION; upcall.mru = OVS_CB(skb)->mru; - for (a = nla_data(attr), rem = nla_len(attr); rem > 0; - a = nla_next(a, &rem)) { + nla_for_each_nested(a, attr, rem) { switch (nla_type(a)) { case OVS_USERSPACE_ATTR_USERDATA: upcall.userdata = a; |