tc: filter: validate filter priority in userspace.

Because we use the high 16 bits of tcm_info to pass prio value to
kernel, thus it's range would be [0, 0xffff], without validation
in tc when user pass a lager(>65535) priority, the actual priority
set in kernel would confuse the user.

So, add a validation to ensure prio in the range.

diff --git a/tc/tc_filter.c b/tc/tc_filter.c
index 207302fc25019750efa7538a28cd96b0e3e6fa17..04c3b824ba731a98d12acbeb505b6a0b38e24869 100644 (file)
--- a/tc/tc_filter.c
+++ b/tc/tc_filter.c
@@ -105,7 +105,7 @@ int tc_filter_modify(int cmd, unsigned flags, int argc, char **argv)
                        NEXT_ARG();
                        if (prio)
                                duparg("priority", *argv);
-                       if (get_u32(&prio, *argv, 0))
+                       if (get_u32(&prio, *argv, 0) || prio > 0xFFFF)
                                invarg(*argv, "invalid priority value");
                } else if (matches(*argv, "protocol") == 0) {
                        __u16 id;