author | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-04-04 02:32:35 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2010-04-04 15:58:54 +0200 |
commit | 117f033c413820739e6679c926a39a5b3f45ff79 (patch) | |
tree | fd8ed9da15216992570be27ee55eafb235457fcb /examples | |
parent | 8ce5d4ca70884654988eb86734cb3022e0b71995 (diff) | |
check source of the netlink message and fix sequence tracking logic
This patch changes the callback handlers to include netlink portID
checking. Thus, we avoid that any malicious process can spoof
messages.
If the expected portid and sequence number are non-zero, we check that the
message's portid and sequence number match what we expect. This allows the same
netlink channel to be used for dumps (portid, seq != 0) and event-based
notifications (portid, seq == 0).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'examples')
-rw-r--r-- | examples/genl-family-get.c | 5 | ||||
-rw-r--r-- | examples/rtnl-link-dump.c | 5 | ||||
-rw-r--r-- | examples/rtnl-link-dump2.c | 5 | ||||
-rw-r--r-- | examples/rtnl-link-dump3.c | 5 | ||||
-rw-r--r-- | examples/rtnl-link-event.c | 2 | ||||
-rw-r--r-- | examples/rtnl-link-set.c | 5 | ||||
-rw-r--r-- | examples/rtnl-route-dump.c | 5 |
7 files changed, 19 insertions, 13 deletions
diff --git a/examples/genl-family-get.c b/examples/genl-family-get.c
index 00f601c..fbe1bf1 100644
--- a/examples/genl-family-get.c
+++ b/examples/genl-family-get.c
@@ -187,7 +187,7 @@ int main(int argc, char *argv[])
 struct nlmsghdr *nlh;
 struct genlmsghdr *genl;
 int ret;
- unsigned int seq;
+ unsigned int seq, portid;
 if (argc != 2) {
 printf("%s [family name]\n", argv[0]);
@@ -216,6 +216,7 @@ int main(int argc, char *argv[])
 perror("mnl_socket_bind");
 exit(EXIT_FAILURE);
 }
+ portid = mnl_socket_get_portid(nl);
 if (mnl_socket_sendto(nl, nlh, mnl_nlmsg_get_len(nlh)) < 0) {
 perror("mnl_socket_send");
@@ -224,7 +225,7 @@ int main(int argc, char *argv[])
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
 while (ret > 0) {
- ret = mnl_cb_run(buf, ret, seq, data_cb, NULL);
+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);
 if (ret <= 0)
 break;
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
diff --git a/examples/rtnl-link-dump.c b/examples/rtnl-link-dump.c
index 9e3f114..42843aa 100644
--- a/examples/rtnl-link-dump.c
+++ b/examples/rtnl-link-dump.c
@@ -69,7 +69,7 @@ int main()
 struct nlmsghdr *nlh;
 struct rtgenmsg *rt;
 int ret;
- unsigned int seq;
+ unsigned int seq, portid;
 nlh = mnl_nlmsg_put_header(buf);
 nlh->nlmsg_type = RTM_GETLINK;
@@ -88,6 +88,7 @@ int main()
 perror("mnl_socket_bind");
 exit(EXIT_FAILURE);
 }
+ portid = mnl_socket_get_portid(nl);
 if (mnl_socket_sendto(nl, nlh, mnl_nlmsg_get_len(nlh)) < 0) {
 perror("mnl_socket_send");
@@ -96,7 +97,7 @@ int main()
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
 while (ret > 0) {
- ret = mnl_cb_run(buf, ret, seq, data_cb, NULL);
+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);
 if (ret <= MNL_CB_STOP)
 break;
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
diff --git a/examples/rtnl-link-dump2.c b/examples/rtnl-link-dump2.c
index dc44c54..3c62006 100644
--- a/examples/rtnl-link-dump2.c
+++ b/examples/rtnl-link-dump2.c
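Review bot: The portid passed on the `+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);` line in genl-family-get.c is presumably compared against nlmsg_pid in the received header, and that field is written by whoever sent the message, so it filters stray replies but does not by itself prove the message came from the kernel. The origin the kernel vouches for is the sockaddr_nl.nl_pid that recvmsg fills in (0 for the kernel); if mnl_socket_recvfrom does not verify that, which this hunk cannot show, a local process able to unicast to this socket could still set nlmsg_pid and nlmsg_seq to the expected values. I would record that limit where the check is introduced, e.g. `/* nlmsg_pid/nlmsg_seq are sender-supplied; kernel origin is only proven by nl_pid == 0 in the recv address */`. The receive loop's closing brace and the rest of main are outside the hunk.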
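Review bot: The new `+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);` line in rtnl-link-dump.c can now fail because the portid or sequence check rejected a message, yet the `if (ret <= MNL_CB_STOP) break;` that follows leaves the loop without reporting anything, so a spoofed or out-of-sequence message looks like a normal end of dump. I would surface the error case after the loop, `if (ret == -1) { perror("mnl_cb_run"); exit(EXIT_FAILURE); }`, matching the perror() style already used for bind and send in the hunk above. This assumes mnl_cb_run signals rejection with -1 and errno, which is not visible here; the loop's closing brace and the rest of main are outside the hunk.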
@@ -60,7 +60,7 @@ int main()
 struct nlmsghdr *nlh;
 struct rtgenmsg *rt;
 int ret;
- unsigned int seq;
+ unsigned int seq, portid;
 nlh = mnl_nlmsg_put_header(buf);
 nlh->nlmsg_type = RTM_GETLINK;
@@ -79,6 +79,7 @@ int main()
 perror("mnl_socket_bind");
 exit(EXIT_FAILURE);
 }
+ portid = mnl_socket_get_portid(nl);
 if (mnl_socket_sendto(nl, nlh, mnl_nlmsg_get_len(nlh)) < 0) {
 perror("mnl_socket_send");
@@ -87,7 +88,7 @@ int main()
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
 while (ret > 0) {
- ret = mnl_cb_run(buf, ret, seq, data_cb, NULL);
+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);
 if (ret <= MNL_CB_STOP)
 break;
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
diff --git a/examples/rtnl-link-dump3.c b/examples/rtnl-link-dump3.c
index d5e4458..ce59f9f 100644
--- a/examples/rtnl-link-dump3.c
+++ b/examples/rtnl-link-dump3.c
@@ -58,7 +58,7 @@ int main()
 struct nlmsghdr *nlh;
 struct rtgenmsg *rt;
 int ret;
- unsigned int seq;
+ unsigned int seq, portid;
 nlh = mnl_nlmsg_put_header(buf);
 nlh->nlmsg_type = RTM_GETLINK;
@@ -77,6 +77,7 @@ int main()
 perror("mnl_socket_bind");
 exit(EXIT_FAILURE);
 }
+ portid = mnl_socket_get_portid(nl);
 if (mnl_socket_sendto(nl, nlh, mnl_nlmsg_get_len(nlh)) < 0) {
 perror("mnl_socket_send");
@@ -85,7 +86,7 @@ int main()
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
 while (ret > 0) {
- ret = mnl_cb_run(buf, ret, seq, data_cb, NULL);
+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);
 if (ret <= MNL_CB_STOP)
 break;
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
diff --git a/examples/rtnl-link-event.c b/examples/rtnl-link-event.c
index 3e25b6f..84daf01 100644
--- a/examples/rtnl-link-event.c
+++ b/examples/rtnl-link-event.c
@@ -82,7 +82,7 @@ int main()
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
 while (ret > 0) {
- ret = mnl_cb_run(buf, ret, 0, data_cb, NULL);
+ ret = mnl_cb_run(buf, ret, 0, 0, data_cb, NULL);
 if (ret <= 0)
 break;
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
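Review bot: Passing 0 for both seq and portid on the `+ ret = mnl_cb_run(buf, ret, 0, 0, data_cb, NULL);` line in rtnl-link-event.c switches the new source and sequence checks off for this example, and nothing on the line says so, so readers copying it into request/reply code would lose the protection this commit adds. The commit message implies this is intentional for unsolicited notifications, and a comment would make the trade-off explicit: `/* seq/portid 0: notifications are unsolicited, so no sequence or source check applies here */`. It is also worth stating next to it that this path accepts any well-formed message the socket receives; the surrounding loop starts and ends outside the hunk.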
diff --git a/examples/rtnl-link-set.c b/examples/rtnl-link-set.c
index 36bf355..d7327dd 100644
--- a/examples/rtnl-link-set.c
+++ b/examples/rtnl-link-set.c
@@ -14,7 +14,7 @@ int main(int argc, char *argv[])
 struct nlmsghdr *nlh;
 struct ifinfomsg *ifm;
 int ret;
- unsigned int seq, oper;
+ unsigned int seq, portid, oper;
 if (argc != 3) {
 printf("Usage: %s [ifname] [up|down]\n", argv[0]);
@@ -50,6 +50,7 @@ int main(int argc, char *argv[])
 perror("mnl_socket_bind");
 exit(EXIT_FAILURE);
 }
+ portid = mnl_socket_get_portid(nl);
 mnl_nlmsg_print(nlh);
@@ -64,7 +65,7 @@ int main(int argc, char *argv[])
 exit(EXIT_FAILURE);
 }
- ret = mnl_cb_run(buf, ret, seq, NULL, NULL);
+ ret = mnl_cb_run(buf, ret, seq, portid, NULL, NULL);
 if (ret == -1){
 perror("callback");
 exit(EXIT_FAILURE);
diff --git a/examples/rtnl-route-dump.c b/examples/rtnl-route-dump.c
index eb36bbc..c3fd577 100644
--- a/examples/rtnl-route-dump.c
+++ b/examples/rtnl-route-dump.c
@@ -198,7 +198,7 @@ int main()
 struct nlmsghdr *nlh;
 struct rtmsg *rtm;
 int ret;
- unsigned int seq;
+ unsigned int seq, portid;
 nlh = mnl_nlmsg_put_header(buf);
 nlh->nlmsg_type = RTM_GETROUTE;
@@ -217,6 +217,7 @@ int main()
 perror("mnl_socket_bind");
 exit(EXIT_FAILURE);
 }
+ portid = mnl_socket_get_portid(nl);
 if (mnl_socket_sendto(nl, nlh, mnl_nlmsg_get_len(nlh)) < 0) {
 perror("mnl_socket_send");
@@ -225,7 +226,7 @@ int main()
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
 while (ret > 0) {
- ret = mnl_cb_run(buf, ret, 0, data_cb, NULL);
+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);
 if (ret <= MNL_CB_STOP)
 break;
 ret = mnl_socket_recvfrom(nl, buf, sizeof(buf));
|
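Review bot: The `+ ret = mnl_cb_run(buf, ret, seq, portid, data_cb, NULL);` line in rtnl-route-dump.c turns sequence checking on where the old line passed 0, so it now depends on `seq` holding the same value that was stored in nlh->nlmsg_seq before the request went out; that assignment is outside the hunk and should be confirmed, because if the two differ every reply fails the check and the dump ends after the first message with no visible error (the following `if (ret <= MNL_CB_STOP) break;` reports nothing). A short comment at the assignment site, `/* seq is the value mnl_cb_run will expect in every reply */`, would tie the two lines together. The receive loop's closing brace and the rest of main are outside the hunk.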