From: Johannes Berg
Date: Tue, 30 Apr 2019 08:58:10 +0200
> If you prefer to have the safeguard in net even if it shouldn't be
> needed now, let me know and I'll make a version that applies there, but
> note that will invariably cause conflicts with all the other changes in
> lib/nlattr.c.
No, t
On Mon, 2019-04-29 at 23:08 -0400, David Miller wrote:
> From: Johannes Berg
> Date: Fri, 26 Apr 2019 14:13:46 +0200
>
> > From: Johannes Berg
> >
> > Now that we have nested policies, we can theoretically
> > recurse forever parsing attributes if a (sub-)policy
> > refers back to a higher leve
From: Johannes Berg
Date: Fri, 26 Apr 2019 14:13:46 +0200
> From: Johannes Berg
>
> Now that we have nested policies, we can theoretically
> recurse forever parsing attributes if a (sub-)policy
> refers back to a higher level one. This is a situation
> that has happened in nl80211, and we've av
Hi Pablo,
> > + [NL80211_PMSR_PEER_ATTR_CHAN] = NLA_POLICY_NESTED(nl80211_policy),
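Review bot: the NL80211_PMSR_PEER_ATTR_CHAN entry points its nested policy at nl80211_policy, which is the back-reference to a higher-level policy that the commit message says can recurse forever during parsing, and nothing on the line says why that is acceptable here. A short comment next to the entry stating what bounds the nesting would help the next reader. If only a handful of channel attributes are valid inside this attribute, a dedicated narrower policy would avoid the back-link and also reject unrelated attributes.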
>
> I guess you only allow one more nested instance of this attribute?
>
> I mean, how many times is NL80211 allowed to recurse on this?
It doesn't actually recurse on this at all. We really should've
specified
On Fri, Apr 26, 2019 at 02:13:46PM +0200, Johannes Berg wrote:
> diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
> index 4fc7c122e916..09a17b30ba73 100644
> --- a/net/wireless/nl80211.c
> +++ b/net/wireless/nl80211.c
> @@ -219,6 +219,8 @@ static int validate_ie_attr(const struct nlattr
From: Johannes Berg
Now that we have nested policies, we can theoretically
recurse forever parsing attributes if a (sub-)policy
refers back to a higher level one. This is a situation
that has happened in nl80211, and we've avoided it there
by not linking it.
Add some code to netlink parsing to l