From 4565d7e5a300fcc3a41d40dbcf7ff9d1fe316814 Mon Sep 17 00:00:00 2001 From: David Ahern Date: Mon, 8 Oct 2018 13:57:24 -0700 Subject: [PATCH] rtnetlink: Move ifm in valid_fdb_dump_legacy to closer to use Move setting of local variable ifm to after the message parsing in valid_fdb_dump_legacy. Avoid potential future use of unchecked variable. Fixes: 8dfbda19a21b ("rtnetlink: Move input checking for rtnl_fdb_dump to helper") Reported-by: Christian Brauner Signed-off-by: David Ahern Signed-off-by: David S. Miller --- net/core/rtnetlink.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c index c894c4af8981..2715f8d21517 100644 --- a/net/core/rtnetlink.c +++ b/net/core/rtnetlink.c @@ -3857,7 +3857,6 @@ static int valid_fdb_dump_legacy(const struct nlmsghdr *nlh, int *br_idx, int *brport_idx, struct netlink_ext_ack *extack) { - struct ifinfomsg *ifm = nlmsg_data(nlh); struct nlattr *tb[IFLA_MAX+1]; int err; @@ -3871,6 +3870,8 @@ static int valid_fdb_dump_legacy(const struct nlmsghdr *nlh, if (nlmsg_len(nlh) != sizeof(struct ndmsg) && (nlmsg_len(nlh) != sizeof(struct ndmsg) + nla_attr_size(sizeof(u32)))) { + struct ifinfomsg *ifm; + err = nlmsg_parse(nlh, sizeof(struct ifinfomsg), tb, IFLA_MAX, ifla_policy, extack); if (err < 0) { @@ -3880,6 +3881,7 @@ static int valid_fdb_dump_legacy(const struct nlmsghdr *nlh, *br_idx = nla_get_u32(tb[IFLA_MASTER]); } + ifm = nlmsg_data(nlh); *brport_idx = ifm->ifi_index; } return 0; -- 2.30.2