[ovs-dev] [PATCH] openvswitch: Fix condition check by using nla_ok()

Jakub Kicinski kuba at kernel.org
Thu Sep 16 14:36:40 UTC 2021


On Thu, 16 Sep 2021 01:43:23 +0000 Jiasheng Jiang wrote:
> Just using 'rem > 0' might be unsafe, so it's better
> to use the nla_ok() instead.
> Because we can see from the nla_next() that
> '*remaining' might be smaller than 'totlen'. And nla_ok()
> will avoid it happening.
> 
> Signed-off-by: Jiasheng Jiang <jiasheng at iscas.ac.cn>

Are the attributes coming from the user space here or are generated 
by the kernel / were already validated?  Depending on that this is
either a fix and needs to be backported or a possible cleanup.

Please repost with the explanation where attrs come from in the commit
message, and if it's indeed a bug please add a Fixes tag.

If we do need the nla_ok() we should probably also switch to
nla_for_each_attr() and nla_for_each_nested().


More information about the dev mailing list