Commit c8bf4d04 authored Mar 31, 2010 by Timo Teräs Committed by David S. Miller Apr 01, 2010

xfrm_user: verify policy direction at XFRM_MSG_POLEXPIRE handler



Add missing check for policy direction verification. This is
especially important since without this xfrm_user may end up
deleting per-socket policy which is not allowed.

Signed-off-by: Timo Teras <timo.teras@iki.fi>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 34996cb9

net/xfrm/xfrm_user.c

+4 −0

Original line number	Original line	Diff line number	Diff line
	@@ -1741,6 +1741,10 @@ static int xfrm_add_pol_expire(struct sk_buff skb, struct nlmsghdr nlh,
	if (err)		if (err)
	return err;		return err;

			err = verify_policy_dir(p->dir);
			if (err)
			return err;

	if (p->index)		if (p->index)
	xp = xfrm_policy_byid(net, mark, type, p->dir, p->index, 0, &err);		xp = xfrm_policy_byid(net, mark, type, p->dir, p->index, 0, &err);
	else {		else {