net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs
authorDavid Ahern <dsahern@gmail.com>
Fri, 19 Oct 2018 17:00:19 +0000 (10:00 -0700)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 10 Nov 2018 15:39:22 +0000 (07:39 -0800)
[ Upstream commit 4ba4c566ba8448a05e6257e0b98a21f1a0d55315 ]

The loop wants to skip previously dumped addresses, so loops until
current index >= saved index. If the message fills it wants to save
the index for the next address to dump - ie., the one that did not
fit in the current message.

Currently, it is incrementing the index counter before comparing to the
saved index, and then the saved index is off by 1 - it assumes the
current address is going to fit in the message.

Change the index handling to increment only after a succesful dump.

Fixes: 502a2ffd7376a ("ipv6: convert idev_list to list macros")
Signed-off-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/ipv6/addrconf.c

index 415b405..78dd9ce 100644 (file)
@@ -4098,8 +4098,8 @@ static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
 
                /* unicast address incl. temp addr */
                list_for_each_entry(ifa, &idev->addr_list, if_list) {
-                       if (++ip_idx < s_ip_idx)
-                               continue;
+                       if (ip_idx < s_ip_idx)
+                               goto next;
                        err = inet6_fill_ifaddr(skb, ifa,
                                                NETLINK_CB(cb->skb).portid,
                                                cb->nlh->nlmsg_seq,
@@ -4108,6 +4108,8 @@ static int in6_dump_addrs(struct inet6_dev *idev, struct sk_buff *skb,
                        if (err <= 0)
                                break;
                        nl_dump_check_consistent(cb, nlmsg_hdr(skb));
+next:
+                       ip_idx++;
                }
                break;
        }