Commit f1fb521f7d94c35e278d76a9198f078223f26799
Committed by
David S. Miller
1 parent
bb1553c800
Exists in
ti-lsk-linux-4.1.y
and in
10 other branches
ip_tunnel: Add missing validation of encap type to ip_tunnel_encap_setup()
The encap->type comes straight from Netlink. Validate it against max supported encap types just like ip_encap_hlen() already does. Fixes: a8c5f9 ("ip_tunnel: Ops registration for secondary encap (fou, gue)") Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
Showing 1 changed file with 3 additions and 0 deletions Side-by-side Diff
net/ipv4/ip_tunnel.c
... | ... | @@ -573,6 +573,9 @@ |
573 | 573 | if (t->encap.type == TUNNEL_ENCAP_NONE) |
574 | 574 | return 0; |
575 | 575 | |
576 | + if (t->encap.type >= MAX_IPTUN_ENCAP_OPS) | |
577 | + return -EINVAL; | |
578 | + | |
576 | 579 | rcu_read_lock(); |
577 | 580 | ops = rcu_dereference(iptun_encaps[t->encap.type]); |
578 | 581 | if (likely(ops && ops->build_header)) |