diff options
| author | Florian Westphal <fw@strlen.de> | 2022-09-05 13:09:37 +0300 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2022-09-07 14:33:44 +0300 |
| commit | e7af210e6dd0de633d3f4850383310cf57473bc8 (patch) | |
| tree | 98c5caf15be26c3223112d743687ef49bdd37e06 | |
| parent | 08724ef69907214ce622344fe4945412e38368f0 (diff) | |
| download | linux-e7af210e6dd0de633d3f4850383310cf57473bc8.tar.xz | |
netfilter: nft_payload: reject out-of-range attributes via policy
Now that nla_policy allows range checks for bigendian data make use of
this to reject such attributes. At this time, reject happens later
from the init or select_ops callbacks, but its prone to errors.
In the future, new attributes can be handled via NLA_POLICY_MAX_BE
and exiting ones can be converted one by one.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/netfilter/nft_payload.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c index eb0e40c29712..088244f9d838 100644 --- a/net/netfilter/nft_payload.c +++ b/net/netfilter/nft_payload.c @@ -173,10 +173,10 @@ static const struct nla_policy nft_payload_policy[NFTA_PAYLOAD_MAX + 1] = { [NFTA_PAYLOAD_SREG] = { .type = NLA_U32 }, [NFTA_PAYLOAD_DREG] = { .type = NLA_U32 }, [NFTA_PAYLOAD_BASE] = { .type = NLA_U32 }, - [NFTA_PAYLOAD_OFFSET] = { .type = NLA_U32 }, - [NFTA_PAYLOAD_LEN] = { .type = NLA_U32 }, + [NFTA_PAYLOAD_OFFSET] = NLA_POLICY_MAX_BE(NLA_U32, 255), + [NFTA_PAYLOAD_LEN] = NLA_POLICY_MAX_BE(NLA_U32, 255), [NFTA_PAYLOAD_CSUM_TYPE] = { .type = NLA_U32 }, - [NFTA_PAYLOAD_CSUM_OFFSET] = { .type = NLA_U32 }, + [NFTA_PAYLOAD_CSUM_OFFSET] = NLA_POLICY_MAX_BE(NLA_U32, 255), [NFTA_PAYLOAD_CSUM_FLAGS] = { .type = NLA_U32 }, }; |