datapath: Check packet len does not exceed attribute len.

Netlink attributes have a maximum length of 64k.  It's theoretically
possible that a packet could exceed this length, so check for it before
we try to send the packet to userspace.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

diff --git a/datapath/datapath.c b/datapath/datapath.c
index 69b524c548f8612717b7e0b83b185a1e3bfb242b..ebfc2e9941e16a19f15887ad172432eef43e17d4 100644 (file)
--- a/datapath/datapath.c
+++ b/datapath/datapath.c
@@ -492,6 +492,9 @@ static int queue_control_packets(struct datapath *dp, struct sk_buff *skb,
                if (unlikely(err))
                        goto err_kfree_skbs;
 
+               if (nla_attr_size(skb->len) > USHRT_MAX)
+                       goto err_kfree_skbs;
+
                len = sizeof(struct odp_header);
                len += nla_total_size(skb->len);
                len += nla_total_size(FLOW_BUFSIZE);