Oh. I did very purposely take that out, but actually I think it is needed for safety. New patch attached.

Shouldn't that be checked earlier on in netlink_sendmsg, though? Or aren't all netlink messages going to contain a struct nlmsghdr?

thanks,
-serge

On Fri, 2004-12-03 at 08:12 -0500, Stephen Smalley wrote:
> <snip>
> +int netlink_get_msgtype(struct sk_buff *skb)
> +{
> + struct nlmsghdr *nlh = (struct nlmsghdr *)skb->data;
> +
> + if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len)
> + return -EINVAL;
> + return nlh->nlmsg_type;
> +}
> +
> </snip>
>
> In the earlier version of this patch, you also checked for skb->len <
> NLMSG_SPACE(0) before dereferencing skb->data at all. Was that
> unnecessary or did you accidentally drop it?
> --
Serge Hallyn <serue@private>
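Review bot: in netlink_get_msgtype, `nlh->nlmsg_len` is read through `skb->data` before anything has confirmed that the skb actually holds a full `struct nlmsghdr`; the `skb->len < nlh->nlmsg_len` test only runs after that dereference, so a message shorter than `sizeof(*nlh)` is read past the end of its data before it can be rejected. Put a check on the buffer length itself ahead of the dereference (the `skb->len < NLMSG_SPACE(0)` test mentioned further down in the thread, or equivalently `if (skb->len < sizeof(*nlh)) return -EINVAL;` placed before `nlh` is first used), and keep the two existing checks after it.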
This archive was generated by hypermail 2.1.3 : Fri Dec 03 2004 - 05:47:52 PST
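The function under discussion, rewritten as an added user-space example (not Serge's patch and not kernel code) with the buffer-length check placed before the header is dereferenced, which is the ordering the thread is asking about. It assumes a local copy of the nlmsghdr field layout and a two-field stand-in for sk_buff so that it builds without kernel headers; `netlink_get_msgtype_checked`, `check_msg` and the constructed headers are this example's own names and data.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Local copy of the netlink message header layout (same field order and
 * sizes as linux/netlink.h), defined here so the example builds in user
 * space. Assumption: 16 bytes, which is also what NLMSG_SPACE(0) yields. */
struct nlmsghdr {
    uint32_t nlmsg_len;
    uint16_t nlmsg_type;
    uint16_t nlmsg_flags;
    uint32_t nlmsg_seq;
    uint32_t nlmsg_pid;
};

/* Stand-in for the two sk_buff fields the function in the thread touches. */
struct sk_buff {
    unsigned char *data;
    unsigned int len;
};

/* Hypothetical hardened version of netlink_get_msgtype: the skb length is
 * checked first, so the header is only read once it is known to fit.
 * Returns the message type, or -EINVAL if the header cannot be trusted. */
int netlink_get_msgtype_checked(const struct sk_buff *skb)
{
    const struct nlmsghdr *nlh;

    /* A short skb must be rejected before nlmsg_len is read at all. */
    if (skb->len < sizeof(*nlh))
        return -EINVAL;

    nlh = (const struct nlmsghdr *)skb->data;

    /* The header's own length claim must cover a header and must not
     * exceed the data actually present. */
    if (nlh->nlmsg_len < sizeof(*nlh) || skb->len < nlh->nlmsg_len)
        return -EINVAL;

    return nlh->nlmsg_type;
}

/* Builds a constructed header with the given nlmsg_len and type, wraps it
 * in an skb claiming skb_len bytes, and returns what the check says.
 * Only header fields are ever read, so skb_len larger than the struct is
 * safe here and models a header followed by payload. */
int check_msg(uint32_t nlmsg_len, uint16_t nlmsg_type, unsigned int skb_len)
{
    struct nlmsghdr hdr = { .nlmsg_len = nlmsg_len, .nlmsg_type = nlmsg_type };
    struct sk_buff skb = { .data = (unsigned char *)&hdr, .len = skb_len };

    return netlink_get_msgtype_checked(&skb);
}

int main(void)
{
    /* Constructed cases: the second one is the short-skb case that the
     * unguarded dereference in the thread would read past. */
    struct { const char *what; uint32_t len; unsigned int skb_len; } cases[] = {
        { "well-formed header",               16, 16 },
        { "skb shorter than a header",         16,  4 },
        { "nlmsg_len shorter than a header",    8, 16 },
        { "nlmsg_len longer than the skb",     64, 16 },
        { "header followed by payload",        16, 32 },
    };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        int r = check_msg(cases[i].len, 3, cases[i].skb_len);
        printf("%-34s -> %s\n", cases[i].what,
               r < 0 ? "-EINVAL" : "type accepted");
    }
    return 0;
}
```

The first test in `netlink_get_msgtype_checked` is the one Stephen asks about: with a 16-byte header and NLMSG_ALIGNTO of 4, `skb->len < NLMSG_SPACE(0)` and `skb->len < sizeof(*nlh)` reject the same buffers, and either must come before `nlmsg_len` is read.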