diff options
author | Wang Xin <xin.wang7@cn.bosch.com> | 2020-11-17 15:42:22 +0100 |
---|---|---|
committer | Marc Kleine-Budde <mkl@pengutronix.de> | 2020-11-17 15:53:24 +0100 |
commit | b5823dc86f8d0c2ff5f46fcda6e8b75728fc69ee (patch) | |
tree | 1b8a737118f2b9de50827cd6ea98bd005c342b87 | |
parent | df01f01354d7c44a07370ae27a3d20b52255830b (diff) | |
download | libsocketcan-b5823dc86f8d0c2ff5f46fcda6e8b75728fc69ee.tar.gz libsocketcan-b5823dc86f8d0c2ff5f46fcda6e8b75728fc69ee.tar.xz |
Fix attribute list size in do_get_nl_link()
The function do_get_nl_link() retrieves attributes from the response
RTM_NEWLINK. But it calculates the attribute list size with the wrong
structure struct ifaddrmsg. According to man 7 rtnetlink, RTM_NEWLINK
message uses struct ifinfomsg instead of struct ifaddrmsg. This causes
that additional 8 bytes are parsed and garbage attributes might be
retrieved. One of consequences is that the message will be dropped if
the garbage attribute is IFLA_IFNAME and contains an invalid interface
name.
To fix this issue, use struct ifinfomsg to calculate the size of
attribute list for RTM_NEWLINK.
Signed-off-by: Wang Xin <xin.wang7@cn.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
-rw-r--r-- | src/libsocketcan.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libsocketcan.c b/src/libsocketcan.c index c802849..60142cc 100644 --- a/src/libsocketcan.c +++ b/src/libsocketcan.c @@ -411,7 +411,7 @@ static int do_get_nl_link(int fd, __u8 acquire, const char *name, void *res) struct rtattr *tb[IFLA_MAX + 1]; len = - nl_msg->nlmsg_len - NLMSG_LENGTH(sizeof(struct ifaddrmsg)); + nl_msg->nlmsg_len - NLMSG_LENGTH(sizeof(struct ifinfomsg)); parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); /* Finish process if the reply message is matched */ |