diff options
| author | Eelco Chaudron <[email protected]> | 2025-05-06 14:28:54 +0000 |
|---|---|---|
| committer | Jakub Kicinski <[email protected]> | 2025-05-07 23:51:02 +0000 |
| commit | 6beb6835c1fbb3f676aebb51a5fee6b77fed9308 (patch) | |
| tree | eaddecca5f0f60b21dee45b96aa380914c2f2074 /net/openvswitch | |
| parent | Merge tag 'wireless-2025-05-06' of https://git.kernel.org/pub/scm/linux/kerne... (diff) | |
| download | kernel-6beb6835c1fbb3f676aebb51a5fee6b77fed9308.tar.gz kernel-6beb6835c1fbb3f676aebb51a5fee6b77fed9308.zip | |
openvswitch: Fix unsafe attribute parsing in output_userspace()
This patch replaces the manual Netlink attribute iteration in
output_userspace() with nla_for_each_nested(), which ensures that only
well-formed attributes are processed.
Fixes: ccb1352e76cf ("net: Add Open vSwitch kernel components.")
Signed-off-by: Eelco Chaudron <[email protected]>
Acked-by: Ilya Maximets <[email protected]>
Acked-by: Aaron Conole <[email protected]>
Link: https://patch.msgid.link/0bd65949df61591d9171c0dc13e42cea8941da10.1746541734.git.echaudro@redhat.com
Signed-off-by: Jakub Kicinski <[email protected]>
Diffstat (limited to 'net/openvswitch')
| -rw-r--r-- | net/openvswitch/actions.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c index 61fea7baae5d..2f22ca59586f 100644 --- a/net/openvswitch/actions.c +++ b/net/openvswitch/actions.c @@ -975,8 +975,7 @@ static int output_userspace(struct datapath *dp, struct sk_buff *skb, upcall.cmd = OVS_PACKET_CMD_ACTION; upcall.mru = OVS_CB(skb)->mru; - for (a = nla_data(attr), rem = nla_len(attr); rem > 0; - a = nla_next(a, &rem)) { + nla_for_each_nested(a, attr, rem) { switch (nla_type(a)) { case OVS_USERSPACE_ATTR_USERDATA: upcall.userdata = a; |