diff options
| author | Nelson Elhage <nelhage@ksplice.com> | 2010-11-03 16:35:41 +0000 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-04-14 16:53:52 -0700 |
| commit | 2dbba29d47e24703420d9331fb9bddeba4a38506 (patch) | |
| tree | cfc7804832f3dfc720ddf9489fd15322bd74f1df /net/econet/af_econet.c | |
| parent | 4312007ec44ba76536bd660a236701a7de21e98b (diff) | |
inet_diag: Make sure we actually run the same bytecode we audited.
commit 22e76c849d505d87c5ecf3d3e6742a65f0ff4860 upstream.
We were using nlmsg_find_attr() to look up the bytecode by attribute when
auditing, but then just using the first attribute when actually running
bytecode. So, if we received a message with two attribute elements, where only
the second had type INET_DIAG_REQ_BYTECODE, we would validate and run different
bytecode strings.
Fix this by consistently using nlmsg_find_attr everywhere.
Signed-off-by: Nelson Elhage <nelhage@ksplice.com>
Signed-off-by: Thomas Graf <tgraf@infradead.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[jmm: Slightly adapted to apply against 2.6.32]
Cc: Moritz Muehlenhoff <jmm@debian.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'net/econet/af_econet.c')
0 files changed, 0 insertions, 0 deletions