From: Roy Marples <roy@marples.name>
Date: Fri, 24 Aug 2012 19:05:26 +0000 (+0000)
Subject: Only accept netlink messages from the kernel.
X-Git-Tag: v5.6.2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f59b5ba3d2ec6aa742cad453f00086aeb0505853;p=thirdparty%2Fdhcpcd.git

Only accept netlink messages from the kernel.
Thanks to Mikhail Efremov.
---

diff --git a/if-linux.c b/if-linux.c
index d9db786d..f39507a4 100644
--- a/if-linux.c
+++ b/if-linux.c
@@ -153,6 +153,8 @@ get_netlink(int fd, int flags,
 	char *buf = NULL, *nbuf;
 	ssize_t buflen = 0, bytes;
 	struct nlmsghdr *nlm;
+	struct sockaddr_nl nladdr;
+	socklen_t nladdr_len = sizeof(nladdr);
 	int r = -1;
 
 	for (;;) {
@@ -181,7 +183,8 @@ get_netlink(int fd, int flags,
 				goto eexit;
 			buf = nbuf;
 		}
-		bytes = recv(fd, buf, buflen, flags);
+		bytes = recvfrom(fd, buf, buflen, flags,
+		    (struct sockaddr *)&nladdr, &nladdr_len);
 		if (bytes == -1) {
 			if (errno == EAGAIN) {
 				r = 0;
@@ -191,6 +194,16 @@ get_netlink(int fd, int flags,
 				continue;
 			goto eexit;
 		}
+
+		/* Check sender */
+		if (nladdr_len != sizeof(nladdr)) {
+			errno = EINVAL;
+			goto eexit;
+		}
+		/* Ignore message if it is not from kernel */
+		if (nladdr.nl_pid != 0)
+			continue;
+
 		for (nlm = (struct nlmsghdr *)(void *)buf;
 		     NLMSG_OK(nlm, (size_t)bytes);
 		     nlm = NLMSG_NEXT(nlm, bytes))