git: 6380058fe5b5 - main - netlink: use correct uint16_t type for attribute type & length

From: Gleb Smirnoff <glebius_at_FreeBSD.org>
Date: Tue, 03 Dec 2024 20:05:00 UTC
The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=6380058fe5b5573ce2eb1a077d95ac9328e19334

commit 6380058fe5b5573ce2eb1a077d95ac9328e19334
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2024-12-03 20:04:30 +0000
Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2024-12-03 20:04:30 +0000

    netlink: use correct uint16_t type for attribute type & length
    
    Reviewed by:            melifaro
    Differential Revision:  https://reviews.freebsd.org/D47552
---
 sys/netlink/netlink_message_writer.c |  8 ++++++--
 sys/netlink/netlink_message_writer.h | 38 +++++++++++++++++++-----------------
 2 files changed, 26 insertions(+), 20 deletions(-)

diff --git a/sys/netlink/netlink_message_writer.c b/sys/netlink/netlink_message_writer.c
index 092e3798f8e7..1aebc4690c2d 100644
--- a/sys/netlink/netlink_message_writer.c
+++ b/sys/netlink/netlink_message_writer.c
@@ -363,11 +363,15 @@ nlmsg_reserve_data_raw(struct nl_writer *nw, size_t sz)
 }
 
 bool
-nlattr_add(struct nl_writer *nw, int attr_type, int attr_len, const void *data)
+nlattr_add(struct nl_writer *nw, uint16_t attr_type, uint16_t attr_len,
+    const void *data)
 {
 	struct nl_buf *nb = nw->buf;
 	struct nlattr *nla;
-	u_int required_len;
+	size_t required_len;
+
+	KASSERT(attr_len <= UINT16_MAX - sizeof(struct nlattr),
+	   ("%s: invalid attribute length %u", __func__, attr_len));
 
 	required_len = NLA_ALIGN(attr_len + sizeof(struct nlattr));
 	if (__predict_false(nb->datalen + required_len > nb->buflen)) {
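Review bot: The new upper bound on `attr_len` in `nlattr_add` is enforced only by `KASSERT`, which is compiled out of kernels built without INVARIANTS, so a production kernel still accepts a length above `UINT16_MAX - sizeof(struct nlattr)`. The rest of the body is outside this hunk, but if it stores `attr_len + sizeof(struct nlattr)` into the 16-bit `nla_len` field, that stored length would wrap while `required_len` (now `size_t`) keeps the full size. Since the function already reports failure through its `bool` return, consider a runtime guard next to the assertion: `if (__predict_false(attr_len > UINT16_MAX - sizeof(struct nlattr))) return (false);`. A one-line comment saying the limit comes from the 16-bit `nla_len` wire field would also help the next reader.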
diff --git a/sys/netlink/netlink_message_writer.h b/sys/netlink/netlink_message_writer.h
index 9469883feaa7..1655acb53fef 100644
--- a/sys/netlink/netlink_message_writer.h
+++ b/sys/netlink/netlink_message_writer.h
@@ -214,93 +214,95 @@ _nlmsg_reserve_attr(struct nl_writer *nw, uint16_t nla_type, uint16_t sz)
 }
 #define	nlmsg_reserve_attr(_ns, _at, _t)	((_t *)_nlmsg_reserve_attr(_ns, _at, NLA_ALIGN(sizeof(_t))))
 
-bool nlattr_add(struct nl_writer *nw, int attr_type, int attr_len,
+bool nlattr_add(struct nl_writer *nw, uint16_t attr_type, uint16_t attr_len,
     const void *data);
 
 static inline bool
 nlattr_add_raw(struct nl_writer *nw, const struct nlattr *nla_src)
 {
-	int attr_len = nla_src->nla_len - sizeof(struct nlattr);
+	MPASS(nla_src->nla_len >= sizeof(struct nlattr));
 
-	MPASS(attr_len >= 0);
-
-	return (nlattr_add(nw, nla_src->nla_type, attr_len, (const void *)(nla_src + 1)));
+	return (nlattr_add(nw, nla_src->nla_type,
+	    nla_src->nla_len - sizeof(struct nlattr),
+	    (const void *)(nla_src + 1)));
 }
 
 static inline bool
-nlattr_add_bool(struct nl_writer *nw, int attrtype, bool value)
+nlattr_add_bool(struct nl_writer *nw, uint16_t attrtype, bool value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(bool), &value));
 }
 
 static inline bool
-nlattr_add_u8(struct nl_writer *nw, int attrtype, uint8_t value)
+nlattr_add_u8(struct nl_writer *nw, uint16_t attrtype, uint8_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(uint8_t), &value));
 }
 
 static inline bool
-nlattr_add_u16(struct nl_writer *nw, int attrtype, uint16_t value)
+nlattr_add_u16(struct nl_writer *nw, uint16_t attrtype, uint16_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(uint16_t), &value));
 }
 
 static inline bool
-nlattr_add_u32(struct nl_writer *nw, int attrtype, uint32_t value)
+nlattr_add_u32(struct nl_writer *nw, uint16_t attrtype, uint32_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(uint32_t), &value));
 }
 
 static inline bool
-nlattr_add_u64(struct nl_writer *nw, int attrtype, uint64_t value)
+nlattr_add_u64(struct nl_writer *nw, uint16_t attrtype, uint64_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(uint64_t), &value));
 }
 
 static inline bool
-nlattr_add_s8(struct nl_writer *nw, int attrtype, int8_t value)
+nlattr_add_s8(struct nl_writer *nw, uint16_t attrtype, int8_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(int8_t), &value));
 }
 
 static inline bool
-nlattr_add_s16(struct nl_writer *nw, int attrtype, int16_t value)
+nlattr_add_s16(struct nl_writer *nw, uint16_t attrtype, int16_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(int16_t), &value));
 }
 
 static inline bool
-nlattr_add_s32(struct nl_writer *nw, int attrtype, int32_t value)
+nlattr_add_s32(struct nl_writer *nw, uint16_t attrtype, int32_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(int32_t), &value));
 }
 
 static inline bool
-nlattr_add_s64(struct nl_writer *nw, int attrtype, int64_t value)
+nlattr_add_s64(struct nl_writer *nw, uint16_t attrtype, int64_t value)
 {
 	return (nlattr_add(nw, attrtype, sizeof(int64_t), &value));
 }
 
 static inline bool
-nlattr_add_flag(struct nl_writer *nw, int attrtype)
+nlattr_add_flag(struct nl_writer *nw, uint16_t attrtype)
 {
 	return (nlattr_add(nw, attrtype, 0, NULL));
 }
 
 static inline bool
-nlattr_add_string(struct nl_writer *nw, int attrtype, const char *str)
+nlattr_add_string(struct nl_writer *nw, uint16_t attrtype, const char *str)
 {
 	return (nlattr_add(nw, attrtype, strlen(str) + 1, str));
 }
 
 static inline bool
-nlattr_add_in_addr(struct nl_writer *nw, int attrtype, const struct in_addr *in)
+nlattr_add_in_addr(struct nl_writer *nw, uint16_t attrtype,
+    const struct in_addr *in)
 {
 	return (nlattr_add(nw, attrtype, sizeof(*in), in));
 }
 
 static inline bool
-nlattr_add_in6_addr(struct nl_writer *nw, int attrtype, const struct in6_addr *in6)
+nlattr_add_in6_addr(struct nl_writer *nw, uint16_t attrtype,
+    const struct in6_addr *in6)
 {
 	return (nlattr_add(nw, attrtype, sizeof(*in6), in6));
 }
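Review bot: `nlattr_add_string` passes `strlen(str) + 1`, a `size_t`, into the now-`uint16_t` `attr_len` parameter, so a string of 65535 bytes or more is reduced modulo 65536 at the call and the `KASSERT` in `nlattr_add` only ever sees the truncated value. The attribute would then carry a shortened copy, possibly without its terminating NUL, and no error would be reported to the caller. Checking the length before the call keeps the failure visible: `size_t len = strlen(str) + 1;` followed by `if (len > UINT16_MAX - sizeof(struct nlattr)) return (false);`. The same implicit narrowing applies in `nlattr_add_raw`, where `MPASS` is the only guard against `nla_len` being smaller than the header and is absent without INVARIANTS; if `nla_src` can originate from an untrusted message, a runtime `return (false)` there would be safer than relying on the assertion.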