From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Tue, 11 Oct 2016 06:02:14 +0000 (+0200)
Subject: Check IPSET_ATTR_ETHER netlink attribute length in hash:ipmac too
X-Git-Tag: v6.30~12
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=15d7b6d7a3615c897438955257a7a4f0390ff1d8;p=ipset

Check IPSET_ATTR_ETHER netlink attribute length in hash:ipmac too

The explicit length checking was missing, added.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
---

diff --git a/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c b/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c
index aa99251..d9eb144 100644
--- a/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c
+++ b/kernel/net/netfilter/ipset/ip_set_hash_ipmac.c
@@ -123,6 +123,7 @@ hash_ipmac4_uadt(struct ip_set *set, struct nlattr *tb[],
 
 	if (unlikely(!tb[IPSET_ATTR_IP] ||
 		     !tb[IPSET_ATTR_ETHER] ||
+		     nla_len(tb[IPSET_ATTR_ETHER]) != ETH_ALEN ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_PACKETS) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_BYTES)   ||
@@ -241,6 +242,7 @@ hash_ipmac6_uadt(struct ip_set *set, struct nlattr *tb[],
 
 	if (unlikely(!tb[IPSET_ATTR_IP] ||
 		     !tb[IPSET_ATTR_ETHER] ||
+		     nla_len(tb[IPSET_ATTR_ETHER]) != ETH_ALEN ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_PACKETS) ||
 		     !ip_set_optattr_netorder(tb, IPSET_ATTR_BYTES)   ||