ip_tunnel: Add sanity checks to ip_tunnel_encap_add_ops()

The symbols are exported and could be used by external modules.

Fixes: a8c5f9 ("ip_tunnel: Ops registration for secondary encap (fou, gue)")
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
index 63e745a..2f498f8 100644 (file)
--- a/net/ipv4/ip_tunnel.c
+++ b/net/ipv4/ip_tunnel.c
@@ -514,6 +514,9 @@ const struct ip_tunnel_encap_ops __rcu *
 int ip_tunnel_encap_add_ops(const struct ip_tunnel_encap_ops *ops,
                            unsigned int num)
 {
 int ip_tunnel_encap_add_ops(const struct ip_tunnel_encap_ops *ops,
                            unsigned int num)
 {

+       if (num >= MAX_IPTUN_ENCAP_OPS)
+               return -ERANGE;
+

        return !cmpxchg((const struct ip_tunnel_encap_ops **)
                        &iptun_encaps[num],
                        NULL, ops) ? 0 : -1;
        return !cmpxchg((const struct ip_tunnel_encap_ops **)
                        &iptun_encaps[num],
                        NULL, ops) ? 0 : -1;


@@ -525,6 +528,9 @@ int ip_tunnel_encap_del_ops(const struct ip_tunnel_encap_ops *ops,
 {
        int ret;
 
 {
        int ret;
 

+       if (num >= MAX_IPTUN_ENCAP_OPS)
+               return -ERANGE;
+

        ret = (cmpxchg((const struct ip_tunnel_encap_ops **)
                       &iptun_encaps[num],
                       ops, NULL) == ops) ? 0 : -1;
        ret = (cmpxchg((const struct ip_tunnel_encap_ops **)
                       &iptun_encaps[num],
                       ops, NULL) == ops) ? 0 : -1;