Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 7b46a644 authored by David S. Miller's avatar David S. Miller
Browse files

netlink: Fix bugs in nlmsg_end() conversions. 



Commit 053c095a ("netlink: make nlmsg_end() and genlmsg_end()
void") didn't catch all of the cases where callers were breaking out
on the return value being equal to zero, which they no longer should
when zero means success.

Fix all such cases.

Reported-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Reported-by: default avatarScott Feldman <sfeldma@gmail.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 27c00132

net/core/neighbour.c

+4 −4
Original line number Original line Diff line number Diff line
@@ -2128,7 +2128,7 @@ static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb) 




		if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,

		if (neightbl_fill_info(skb, tbl, NETLINK_CB(cb->skb).portid,

				       cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,

				       cb->nlh->nlmsg_seq, RTM_NEWNEIGHTBL,

				       NLM_F_MULTI) <= 0)

				       NLM_F_MULTI) < 0)

			break;

			break;





		nidx = 0;

		nidx = 0;
@@ -2144,7 +2144,7 @@ static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb) 
						     NETLINK_CB(cb->skb).portid,

						     NETLINK_CB(cb->skb).portid,

						     cb->nlh->nlmsg_seq,

						     cb->nlh->nlmsg_seq,

						     RTM_NEWNEIGHTBL,

						     RTM_NEWNEIGHTBL,

						     NLM_F_MULTI) <= 0)

						     NLM_F_MULTI) < 0)

				goto out;

				goto out;

		next:

		next:

			nidx++;

			nidx++;
@@ -2274,7 +2274,7 @@ static int neigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb, 
			if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,

			if (neigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,

					    cb->nlh->nlmsg_seq,

					    cb->nlh->nlmsg_seq,

					    RTM_NEWNEIGH,

					    RTM_NEWNEIGH,

					    NLM_F_MULTI) <= 0) {

					    NLM_F_MULTI) < 0) {

				rc = -1;

				rc = -1;

				goto out;

				goto out;

			}

			}
@@ -2311,7 +2311,7 @@ static int pneigh_dump_table(struct neigh_table *tbl, struct sk_buff *skb, 
			if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,

			if (pneigh_fill_info(skb, n, NETLINK_CB(cb->skb).portid,

					    cb->nlh->nlmsg_seq,

					    cb->nlh->nlmsg_seq,

					    RTM_NEWNEIGH,

					    RTM_NEWNEIGH,

					    NLM_F_MULTI, tbl) <= 0) {

					    NLM_F_MULTI, tbl) < 0) {

				read_unlock_bh(&tbl->lock);

				read_unlock_bh(&tbl->lock);

				rc = -1;

				rc = -1;

				goto out;

				goto out;

net/core/rtnetlink.c

+1 −1
Original line number Original line Diff line number Diff line
@@ -1327,7 +1327,7 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) 
			 */

			 */

			WARN_ON((err == -EMSGSIZE) && (skb->len == 0));

			WARN_ON((err == -EMSGSIZE) && (skb->len == 0));





			if (err <= 0)

			if (err < 0)

				goto out;

				goto out;





			nl_dump_check_consistent(cb, nlmsg_hdr(skb));

			nl_dump_check_consistent(cb, nlmsg_hdr(skb));

net/decnet/dn_route.c

+1 −4
Original line number Original line Diff line number Diff line
@@ -1710,9 +1710,6 @@ static int dn_cache_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) 
		rt->rt_flags |= RTCF_NOTIFY;

		rt->rt_flags |= RTCF_NOTIFY;





	err = dn_rt_fill_info(skb, NETLINK_CB(in_skb).portid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0);

	err = dn_rt_fill_info(skb, NETLINK_CB(in_skb).portid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0);



	if (err == 0)

		goto out_free;

	if (err < 0) {

	if (err < 0) {

		err = -EMSGSIZE;

		err = -EMSGSIZE;

		goto out_free;

		goto out_free;
@@ -1763,7 +1760,7 @@ int dn_cache_dump(struct sk_buff *skb, struct netlink_callback *cb) 
			skb_dst_set(skb, dst_clone(&rt->dst));

			skb_dst_set(skb, dst_clone(&rt->dst));

			if (dn_rt_fill_info(skb, NETLINK_CB(cb->skb).portid,

			if (dn_rt_fill_info(skb, NETLINK_CB(cb->skb).portid,

					cb->nlh->nlmsg_seq, RTM_NEWROUTE,

					cb->nlh->nlmsg_seq, RTM_NEWROUTE,

					1, NLM_F_MULTI) <= 0) {

					1, NLM_F_MULTI) < 0) {

				skb_dst_drop(skb);

				skb_dst_drop(skb);

				rcu_read_unlock_bh();

				rcu_read_unlock_bh();

				goto done;

				goto done;

net/ipv4/devinet.c

+3 −3
Original line number Original line Diff line number Diff line
@@ -1883,7 +1883,7 @@ static int inet_netconf_dump_devconf(struct sk_buff *skb, 
						      cb->nlh->nlmsg_seq,

						      cb->nlh->nlmsg_seq,

						      RTM_NEWNETCONF,

						      RTM_NEWNETCONF,

						      NLM_F_MULTI,

						      NLM_F_MULTI,

						      -1) <= 0) {

						      -1) < 0) {

				rcu_read_unlock();

				rcu_read_unlock();

				goto done;

				goto done;

			}

			}
@@ -1899,7 +1899,7 @@ static int inet_netconf_dump_devconf(struct sk_buff *skb, 
					      NETLINK_CB(cb->skb).portid,

					      NETLINK_CB(cb->skb).portid,

					      cb->nlh->nlmsg_seq,

					      cb->nlh->nlmsg_seq,

					      RTM_NEWNETCONF, NLM_F_MULTI,

					      RTM_NEWNETCONF, NLM_F_MULTI,

					      -1) <= 0)

					      -1) < 0)

			goto done;

			goto done;

		else

		else

			h++;

			h++;
@@ -1910,7 +1910,7 @@ static int inet_netconf_dump_devconf(struct sk_buff *skb, 
					      NETLINK_CB(cb->skb).portid,

					      NETLINK_CB(cb->skb).portid,

					      cb->nlh->nlmsg_seq,

					      cb->nlh->nlmsg_seq,

					      RTM_NEWNETCONF, NLM_F_MULTI,

					      RTM_NEWNETCONF, NLM_F_MULTI,

					      -1) <= 0)

					      -1) < 0)

			goto done;

			goto done;

		else

		else

			h++;

			h++;

net/ipv4/route.c

+1 −1
Original line number Original line Diff line number Diff line
@@ -2483,7 +2483,7 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) 
	err = rt_fill_info(net, dst, src, &fl4, skb,

	err = rt_fill_info(net, dst, src, &fl4, skb,

			   NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,

			   NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,

			   RTM_NEWROUTE, 0, 0);

			   RTM_NEWROUTE, 0, 0);

	if (err <= 0)

	if (err < 0)

		goto errout_free;

		goto errout_free;





	err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);

	err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);