From: Florian Westphal <fw@strlen.de>
Date: Sat, 28 Apr 2018 09:41:23 +0000 (+0200)
Subject: udata: refuse to put more than UINT8_MAX bytes
X-Git-Tag: libnftnl-1.1.0~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9974a9070c03b9ede1272c17adf5129086bf484c;p=thirdparty%2Flibnftnl.git

udata: refuse to put more than UINT8_MAX bytes

->len is uint8_t, so we can't handle more than this.

Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/src/udata.c b/src/udata.c
index 6bd96516..b5a47295 100644
--- a/src/udata.c
+++ b/src/udata.c
@@ -74,7 +74,7 @@ bool nftnl_udata_put(struct nftnl_udata_buf *buf, uint8_t type, uint32_t len,
 {
 	struct nftnl_udata *attr;
 
-	if (buf->size < len + sizeof(struct nftnl_udata))
+	if (len > UINT8_MAX || buf->size < len + sizeof(struct nftnl_udata))
 		return false;
 
 	attr = (struct nftnl_udata *)buf->end;