diff options
| author | David Wei <dw@davidwei.uk> | 2025-05-02 21:30:50 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-06-04 14:42:16 +0200 |
| commit | 4e3401aa6e447fd90bda66e65f30479a93b8c9ad (patch) | |
| tree | 89f8b4936b1e20a42b10e610aedd16681723f691 /tools/net | |
| parent | 50d0de59f66cbe6d597481e099bf1c70fd07e0a9 (diff) | |
| download | linux-4e3401aa6e447fd90bda66e65f30479a93b8c9ad.tar.gz linux-4e3401aa6e447fd90bda66e65f30479a93b8c9ad.tar.bz2 linux-4e3401aa6e447fd90bda66e65f30479a93b8c9ad.zip | |
tools: ynl-gen: validate 0 len strings from kernel
[ Upstream commit 4720f9707c783f642332dee3d56dccaefa850e42 ]
Strings from the kernel are guaranteed to be null terminated and
ynl_attr_validate() checks for this. But it doesn't check if the string
has a len of 0, which would cause problems when trying to access
data[len - 1]. Fix this by checking that len is positive.
Signed-off-by: David Wei <dw@davidwei.uk>
Link: https://patch.msgid.link/20250503043050.861238-1-dw@davidwei.uk
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'tools/net')
| -rw-r--r-- | tools/net/ynl/lib/ynl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/net/ynl/lib/ynl.c b/tools/net/ynl/lib/ynl.c index ae61ae5b02bf..0871f86c6b66 100644 --- a/tools/net/ynl/lib/ynl.c +++ b/tools/net/ynl/lib/ynl.c @@ -368,7 +368,7 @@ int ynl_attr_validate(struct ynl_parse_arg *yarg, const struct nlattr *attr) "Invalid attribute (binary %s)", policy->name); return -1; case YNL_PT_NUL_STR: - if ((!policy->len || len <= policy->len) && !data[len - 1]) + if (len && (!policy->len || len <= policy->len) && !data[len - 1]) break; yerr(yarg->ys, YNL_ERROR_ATTR_INVALID, "Invalid attribute (string %s)", policy->name); |