On Tue, 25 Jul 2023 10:45:29 +0800, Lin Ma wrote:
> The current NETLINK_ISCSI netlink parsing loop checks every nlmsg to
> make sure the length is bigger than the sizeof(struct iscsi_uevent) and
> then calls iscsi_if_recv_msg(...).
>
> nlh = nlmsg_hdr(skb);
> if (nlh->nlmsg_len < sizeof(*nlh) + sizeof(*ev) ||
> skb->len < nlh->nlmsg_len) {
> break;
> }
> ...
> err = iscsi_if_recv_msg(skb, nlh, &group);
>
> [...]
Applied to 6.6/scsi-queue, thanks!
[1/2] scsi: iscsi: Add length check for nlattr payload
https://git.kernel.org/mkp/scsi/c/971dfcb74a80
--
Martin K. Petersen Oracle Linux Engineering
