Received: by 2002:a17:90a:2044:0:0:0:0 with SMTP id n62csp529787pjc;
        Mon, 20 May 2019 11:19:07 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyHrK3wftdzVweTyFccwGmyKyczjkgQ6SRcn3PAfNcLCAUlx4DkBOgS/4S87whfZJRawqAX
X-Received: by 2002:a17:902:b584:: with SMTP id a4mr40974810pls.333.1558376347285;
        Mon, 20 May 2019 11:19:07 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1558376347; cv=none;
        d=google.com; s=arc-20160816;
        b=GEvuEd7qvk/O0Tc741tx/IXxvTULpmo+htbz4FHAfRPfOxD+/+ekk9sYszY8DmDJ5H
         sAHN8TqUTMwBenl97Vs+ySfeDIytFYZwqKltOT/yoH4S542NuNsOvmeScGrrv8rlMNju
         ddFyZJp+3OF0R8pEvYfrjG/ZqbEThBScYzJSvKok5w0SgOgG6FoDfhf4RBIzBMSDGFLX
         WUwB+Up1OP8hW+V56PUWU7JTKSZwJuxdPV3zlumH0aEXYY8GfareDJz4ahs6EwXjAI0S
         VNNYTb4tiCLIdlwBj02D+1MgGPkAjtYeTRwmQBzJyu1aCQIbFUG6dyIrRIasMBoZbOs5
         jBPA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=TaW6UeGmyozRmacHLxIHp/HxJz7hqtFAco/gdWonY/s=;
        b=oeXctZtTegs2rrDlHb8Q3TD1BUKCPpSGobUFfn+gwF66GPs7BVJVVZVW809vZgZq9N
         z5hQrjpBU7gS50JfNj+hxVeBfOX+M3j+Gb1rBx8Jr9zaIjsKmhR+7aYqO5GrfmnPj+0N
         wBTsDoPZnGTlRhU0eqJDE7zypLFgfeTUZ1DjYQqPvYvQlhrfss8Z/l9KtaoHw3JQhrsw
         WcLzrLcKtbjCfsB3A1R2L2xTO4s2UAzM8LcuxpZe/i6GoDD/9Hmu3myMKCa1UH0iZo17
         LYWSSxQKnhMpt77xzqiBUGatpcrvmYQ4BJsB8vP7NqW593BAQhNnpVgM58WoSZqLoaRq
         XCLg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f17si19690394pgn.99.2019.05.20.11.18.52;
        Mon, 20 May 2019 11:19:07 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2390954AbfETQIC (ORCPT <rfc822;hackukernel@gmail.com>
        + 99 others); Mon, 20 May 2019 12:08:02 -0400
Received: from helcar.hmeau.com ([216.24.177.18]:50786 "EHLO deadmen.hmeau.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S2387973AbfETQIB (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 20 May 2019 12:08:01 -0400
X-Greylist: delayed 2127 seconds by postgrey-1.27 at vger.kernel.org; Mon, 20 May 2019 12:08:01 EDT
Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar)
        by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian))
        id 1hSkH4-00086s-4a; Mon, 20 May 2019 23:32:26 +0800
Received: from herbert by gondobar with local (Exim 4.89)
        (envelope-from <herbert@gondor.apana.org.au>)
        id 1hSkGx-00023C-KB; Mon, 20 May 2019 23:32:19 +0800
Date:   Mon, 20 May 2019 23:32:19 +0800
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     Anirudh Gupta <anirudhrudr@gmail.com>
Cc:     Steffen Klassert <steffen.klassert@secunet.com>,
        Anirudh Gupta <anirudh.gupta@sophos.com>,
        "David S. Miller" <davem@davemloft.net>, netdev@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH net] xfrm: Fix xfrm sel prefix length validation
Message-ID: <20190520153219.oq3se5wvkasgbtkp@gondor.apana.org.au>
References: <20190520093157.59825-1-anirudh.gupta@sophos.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20190520093157.59825-1-anirudh.gupta@sophos.com>
User-Agent: NeoMutt/20170113 (1.7.2)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, May 20, 2019 at 03:01:56PM +0530, Anirudh Gupta wrote:
>
> diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
> index eb8d14389601..fc2a8c08091b 100644
> --- a/net/xfrm/xfrm_user.c
> +++ b/net/xfrm/xfrm_user.c
> @@ -149,7 +149,7 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
>  	int err;
>  
>  	err = -EINVAL;
> -	switch (p->family) {
> +	switch (p->sel.family) {
>  	case AF_INET:
>  		if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32)
>  			goto out;

You just removed the only verification of p->family...
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt