From: Thomas Egerer <thomas.egerer@secunet.com>
Date: Thu, 16 Aug 2018 07:12:37 +0000 (+0200)
Subject: kernel-netlink: Align concatenated Netlink responses
X-Git-Tag: 5.7.0rc1~42
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5100a3ed7df1f79f593742224e9bed1754225d5b;p=thirdparty%2Fstrongswan.git

kernel-netlink: Align concatenated Netlink responses

The code to support parallel Netlink queries (commit 3c7193f) made use
of nlmsg_len member from struct nlmsghdr to allocate and copy the
responses. Since NLMSG_NEXT is later used to parse these responses, they
must be aligned, or the results are undefined.

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
---

diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
index 441c0c4829..2327d75915 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
@@ -381,7 +381,7 @@ static status_t send_once(private_netlink_socket_t *this, struct nlmsghdr *in,
 	for (i = 0, *out_len = 0; i < array_count(entry->hdrs); i++)
 	{
 		array_get(entry->hdrs, i, &hdr);
-		*out_len += hdr->nlmsg_len;
+		*out_len += NLMSG_ALIGN(hdr->nlmsg_len);
 	}
 	ptr = malloc(*out_len);
 	*out = (struct nlmsghdr*)ptr;
@@ -394,7 +394,7 @@ static status_t send_once(private_netlink_socket_t *this, struct nlmsghdr *in,
 				 hdr->nlmsg_seq, hdr, hdr->nlmsg_len);
 		}
 		memcpy(ptr, hdr, hdr->nlmsg_len);
-		ptr += hdr->nlmsg_len;
+		ptr += NLMSG_ALIGN(hdr->nlmsg_len);
 		free(hdr);
 	}
 	destroy_entry(entry);