Commit 11f6dff8 authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: arp_tables: resync get_entries() with ip_tables

Resync get_entries() with ip_tables.c by moving the checks from the
setsockopt handler to the function itself.
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 41acd975
...@@ -825,23 +825,35 @@ static int get_info(void __user *user, int *len) ...@@ -825,23 +825,35 @@ static int get_info(void __user *user, int *len)
return ret; return ret;
} }
static int get_entries(const struct arpt_get_entries *entries, static int get_entries(struct arpt_get_entries __user *uptr, int *len)
struct arpt_get_entries __user *uptr)
{ {
int ret; int ret;
struct arpt_get_entries get;
struct arpt_table *t; struct arpt_table *t;
t = xt_find_table_lock(NF_ARP, entries->name); if (*len < sizeof(get)) {
duprintf("get_entries: %u < %Zu\n", *len, sizeof(get));
return -EINVAL;
}
if (copy_from_user(&get, uptr, sizeof(get)) != 0)
return -EFAULT;
if (*len != sizeof(struct arpt_get_entries) + get.size) {
duprintf("get_entries: %u != %Zu\n", *len,
sizeof(struct arpt_get_entries) + get.size);
return -EINVAL;
}
t = xt_find_table_lock(NF_ARP, get.name);
if (t && !IS_ERR(t)) { if (t && !IS_ERR(t)) {
struct xt_table_info *private = t->private; struct xt_table_info *private = t->private;
duprintf("t->private->number = %u\n", duprintf("t->private->number = %u\n",
private->number); private->number);
if (entries->size == private->size) if (get.size == private->size)
ret = copy_entries_to_user(private->size, ret = copy_entries_to_user(private->size,
t, uptr->entrytable); t, uptr->entrytable);
else { else {
duprintf("get_entries: I've got %u not %u!\n", duprintf("get_entries: I've got %u not %u!\n",
private->size, entries->size); private->size, get.size);
ret = -EINVAL; ret = -EINVAL;
} }
module_put(t->me); module_put(t->me);
...@@ -1055,22 +1067,9 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len ...@@ -1055,22 +1067,9 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len
ret = get_info(user, len); ret = get_info(user, len);
break; break;
case ARPT_SO_GET_ENTRIES: { case ARPT_SO_GET_ENTRIES:
struct arpt_get_entries get; ret = get_entries(user, len);
if (*len < sizeof(get)) {
duprintf("get_entries: %u < %Zu\n", *len, sizeof(get));
ret = -EINVAL;
} else if (copy_from_user(&get, user, sizeof(get)) != 0) {
ret = -EFAULT;
} else if (*len != sizeof(struct arpt_get_entries) + get.size) {
duprintf("get_entries: %u != %Zu\n", *len,
sizeof(struct arpt_get_entries) + get.size);
ret = -EINVAL;
} else
ret = get_entries(&get, user);
break; break;
}
case ARPT_SO_GET_REVISION_TARGET: { case ARPT_SO_GET_REVISION_TARGET: {
struct xt_get_revision rev; struct xt_get_revision rev;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment