On Sun, Jan 14, 2018 at 03:50:55PM +0100, Lorenzo Bianconi wrote:
> Add sanity check on l2specific_type provided by userspace in
> l2tp_nl_cmd_session_create() since just L2TP_L2SPECTYPE_DEFAULT and
> L2TP_L2SPECTYPE_NONE are currently supported.
> Moreover do not always initialize l2specific_type if userspace requests
> a given l2-specific sublayer type
>
I don't understand your last sentence. l2specific_type is always initialised in your patch (or session creation is aborted).

> Signed-off-by: Lorenzo Bianconi <lorenzo.bianc...@redhat.com> > --- > net/l2tp/l2tp_netlink.c | 11 +++++++++-- > 1 file changed, 9 insertions(+), 2 deletions(-) > > diff --git a/net/l2tp/l2tp_netlink.c b/net/l2tp/l2tp_netlink.c > index 48b5bf30ec50..711cf208f23a 100644 > --- a/net/l2tp/l2tp_netlink.c > +++ b/net/l2tp/l2tp_netlink.c > @@ -550,9 +550,16 @@ static int l2tp_nl_cmd_session_create(struct sk_buff > *skb, struct genl_info *inf > if (info->attrs[L2TP_ATTR_DATA_SEQ]) > cfg.data_seq = > nla_get_u8(info->attrs[L2TP_ATTR_DATA_SEQ]); > > - cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; > - if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) > + if (info->attrs[L2TP_ATTR_L2SPEC_TYPE]) { > cfg.l2specific_type = > nla_get_u8(info->attrs[L2TP_ATTR_L2SPEC_TYPE]); > + if (cfg.l2specific_type != L2TP_L2SPECTYPE_DEFAULT && > + cfg.l2specific_type != L2TP_L2SPECTYPE_NONE) { > + ret = -EINVAL; > + goto out_tunnel; > + } > + } else { > + cfg.l2specific_type = L2TP_L2SPECTYPE_DEFAULT; > + } > > cfg.l2specific_len = 4; > if (info->attrs[L2TP_ATTR_L2SPEC_LEN]) > -- > 2.13.6 >
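
Review bot: the trailing context of this hunk still sets `cfg.l2specific_len = 4` unconditionally, independent of the type that was just validated, so a request carrying L2TP_L2SPECTYPE_NONE and no L2TP_ATTR_L2SPEC_LEN attribute ends up with a sublayer type of "none" paired with a length of 4. Since the type is now restricted to two known values, consider deriving the default length from the accepted type in the same block (or rejecting a mismatched L2TP_ATTR_L2SPEC_LEN) so the pair is consistent before it reaches session creation. A `switch` on `cfg.l2specific_type` with a `default:` returning -EINVAL would also read more clearly than the chained `!=` comparison and would be easier to extend if further sublayer types are supported later.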