qi-hardware/openwrt-xburst
1
0
Fork 0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2025-02-24 15:54:42 +02:00
Code

[kernel] swconfig: Check vlan/port indexes for validity.

Browse Source 
Swconfig needs to make sure that requested vlans/ports actually exist,
else it might read or modify memory not belonging to itself.

This patch adds a quick range check in swconfig's kernel part to
prevent accidential or intentional memory modification.

Signed-off-by: Jonas Gorski <jonas.gorski+openwrt@gmail.com>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@20811 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
florian 2010-04-11 20:51:37 +00:00
parent 5788420c90
commit b02fa11a17
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
target/linux/generic-2.6/files/drivers/net/phy/swconfig.c
View File

@ -463,6 +463,8 @@ swconfig_lookup_attr(struct switch_dev *dev, struct genl_info *info,
if (!info->attrs[SWITCH_ATTR_OP_VLAN]) if (!info->attrs[SWITCH_ATTR_OP_VLAN])
goto done; goto done;
val->port_vlan = nla_get_u32(info->attrs[SWITCH_ATTR_OP_VLAN]); val->port_vlan = nla_get_u32(info->attrs[SWITCH_ATTR_OP_VLAN]);
if (val->port_vlan >= dev->vlans)
goto done;
break; break;
case SWITCH_CMD_SET_PORT: case SWITCH_CMD_SET_PORT:
case SWITCH_CMD_GET_PORT: case SWITCH_CMD_GET_PORT:
@ -473,6 +475,8 @@ swconfig_lookup_attr(struct switch_dev *dev, struct genl_info *info,
if (!info->attrs[SWITCH_ATTR_OP_PORT]) if (!info->attrs[SWITCH_ATTR_OP_PORT])
goto done; goto done;
val->port_vlan = nla_get_u32(info->attrs[SWITCH_ATTR_OP_PORT]); val->port_vlan = nla_get_u32(info->attrs[SWITCH_ATTR_OP_PORT]);
if (val->port_vlan >= dev->ports)
goto done;
break; break;
default: default:
WARN_ON(1); WARN_ON(1);