Commit 6fd8c006 authored by David Stainton's avatar David Stainton Committed by Mikio Hara

syscall: add bounds checking and error returns to ParseNetlinkMessage

Fixes #16681

Change-Id: I6ff7ec81fe48ab06be3aae5b7ff92e9dc70960c3
Reviewed-on: https://go-review.googlesource.com/26990
Run-TryBot: Mikio Hara <mikioh.mikioh@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: default avatarMikio Hara <mikioh.mikioh@gmail.com>
parent 33e63ebc
...@@ -129,10 +129,11 @@ func ParseNetlinkMessage(b []byte) ([]NetlinkMessage, error) { ...@@ -129,10 +129,11 @@ func ParseNetlinkMessage(b []byte) ([]NetlinkMessage, error) {
func netlinkMessageHeaderAndData(b []byte) (*NlMsghdr, []byte, int, error) { func netlinkMessageHeaderAndData(b []byte) (*NlMsghdr, []byte, int, error) {
h := (*NlMsghdr)(unsafe.Pointer(&b[0])) h := (*NlMsghdr)(unsafe.Pointer(&b[0]))
if int(h.Len) < NLMSG_HDRLEN || int(h.Len) > len(b) { l := nlmAlignOf(int(h.Len))
if int(h.Len) < NLMSG_HDRLEN || l > len(b) {
return nil, nil, 0, EINVAL return nil, nil, 0, EINVAL
} }
return h, b[NLMSG_HDRLEN:], nlmAlignOf(int(h.Len)), nil return h, b[NLMSG_HDRLEN:], l, nil
} }
// NetlinkRouteAttr represents a netlink route attribute. // NetlinkRouteAttr represents a netlink route attribute.
......
...@@ -138,3 +138,31 @@ func deathSignalChild() { ...@@ -138,3 +138,31 @@ func deathSignalChild() {
fmt.Println("not ok") fmt.Println("not ok")
os.Exit(1) os.Exit(1)
} }
func TestParseNetlinkMessage(t *testing.T) {
for i, b := range [][]byte{
{103, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 2, 11, 0, 1, 0, 0, 0, 0, 5, 8, 0, 3,
0, 8, 0, 6, 0, 0, 0, 0, 1, 63, 0, 10, 0, 69, 16, 0, 59, 39, 82, 64, 0, 64, 6, 21, 89, 127, 0, 0,
1, 127, 0, 0, 1, 230, 228, 31, 144, 32, 186, 155, 211, 185, 151, 209, 179, 128, 24, 1, 86,
53, 119, 0, 0, 1, 1, 8, 10, 0, 17, 234, 12, 0, 17, 189, 126, 107, 106, 108, 107, 106, 13, 10,
},
{106, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 2, 11, 0, 1, 0, 0, 0, 0, 3, 8, 0, 3,
0, 8, 0, 6, 0, 0, 0, 0, 1, 66, 0, 10, 0, 69, 0, 0, 62, 230, 255, 64, 0, 64, 6, 85, 184, 127, 0, 0,
1, 127, 0, 0, 1, 237, 206, 31, 144, 73, 197, 128, 65, 250, 60, 192, 97, 128, 24, 1, 86, 253, 21, 0,
0, 1, 1, 8, 10, 0, 51, 106, 89, 0, 51, 102, 198, 108, 104, 106, 108, 107, 104, 108, 107, 104, 10,
},
{102, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 2, 11, 0, 1, 0, 0, 0, 0, 1, 8, 0, 3, 0,
8, 0, 6, 0, 0, 0, 0, 1, 62, 0, 10, 0, 69, 0, 0, 58, 231, 2, 64, 0, 64, 6, 85, 185, 127, 0, 0, 1, 127,
0, 0, 1, 237, 206, 31, 144, 73, 197, 128, 86, 250, 60, 192, 97, 128, 24, 1, 86, 104, 64, 0, 0, 1, 1, 8,
10, 0, 52, 198, 200, 0, 51, 135, 232, 101, 115, 97, 103, 103, 10,
},
} {
m, err := syscall.ParseNetlinkMessage(b)
if err != syscall.EINVAL {
t.Errorf("#%d: got %v; want EINVAL", i, err)
}
if m != nil {
t.Errorf("#%d: got %v; want nil", i, m)
}
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment