netfilter: nf_tables: validate len in nft_validate_data_load()

For values spanning multiple registers, we need to validate that enough space is available from the destination register onwards. Add a len argument to nft_validate_data_load() and consolidate the existing length validations in preparation of that. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Patrick McHardy <kaber@trash.net> 2015-04-11 02:27:26 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2015-04-13 16:25:49 +0200
commit: 45d9bcda21f4c13be75e3571b0f0ef39e77934b5 (patch)
tree: 54312412f1a9253360db901877e8b51991777562 /net/netfilter/nft_immediate.c
parent: Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue (diff)
download: linux-dev-45d9bcda21f4c13be75e3571b0f0ef39e77934b5.tar.xz
linux-dev-45d9bcda21f4c13be75e3571b0f0ef39e77934b5.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nft_immediate.c b/net/netfilter/nft_immediate.c
index 810385eb7249..1970d8d16890 100644
--- a/net/netfilter/nft_immediate.c
+++ b/net/netfilter/nft_immediate.c
@@ -59,7 +59,8 @@ static int nft_immediate_init(const struct nft_ctx *ctx,
 		return err;
 	priv->dlen = desc.len;
 
-	err = nft_validate_data_load(ctx, priv->dreg, &priv->data, desc.type);
+	err = nft_validate_data_load(ctx, priv->dreg, &priv->data,
+				     desc.type, desc.len);
 	if (err < 0)
 		goto err1;
author	Patrick McHardy <kaber@trash.net>	2015-04-11 02:27:26 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2015-04-13 16:25:49 +0200
commit	45d9bcda21f4c13be75e3571b0f0ef39e77934b5 (patch)
tree	54312412f1a9253360db901877e8b51991777562 /net/netfilter/nft_immediate.c
parent	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue (diff)
download	linux-dev-45d9bcda21f4c13be75e3571b0f0ef39e77934b5.tar.xz linux-dev-45d9bcda21f4c13be75e3571b0f0ef39e77934b5.zip