From 93f992eac5a0d35114de4e937326d1d03a53a25f Mon Sep 17 00:00:00 2001
From: Thomas Graf
Date: Fri, 29 Oct 2010 18:40:48 +0200
Subject: [PATCH] attr: Add padding if nested data does not end at an alignment boundry

This could happen if a user put an unaligned amount of data inside an attribute with nlmsg_append().
---
 lib/attr.c | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/lib/attr.c b/lib/attr.c
index 71213db..6147ff3 100644
--- a/lib/attr.c
+++ b/lib/attr.c
@@ -1151,9 +1151,26 @@ struct nlattr *nla_nest_start(struct nl_msg *msg, int attrtype)
 */
 int nla_nest_end(struct nl_msg *msg, struct nlattr *start)
 {
+ size_t pad;
+
 start->nla_len = (unsigned char *) nlmsg_tail(msg->nm_nlh) - (unsigned char *) start;
+ pad = NLMSG_ALIGN(msg->nm_nlh->nlmsg_len) - msg->nm_nlh->nlmsg_len;
+ if (pad > 0) {
+ /*
+ * Data inside attribute does not end at a alignment boundry.
+ * Pad accordingly and accoun for the additional space in
+ * the message. nlmsg_reserve() may never fail in this situation,
+ * the allocate message buffer must be a multiple of NLMSG_ALIGNTO.
+ */
+ if (!nlmsg_reserve(msg, pad, 0))
+ BUG();
+
+ NL_DBG(2, "msg %p: attr <%p> %d: added %zu bytes of padding\n",
+ msg, start, start->nla_type, pad);
+ }
+
 NL_DBG(2, "msg %p: attr <%p> %d: closing nesting, len=%u\n", msg, start, start->nla_type, start->nla_len);
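Review bot: The `BUG()` in the new `if (pad > 0)` branch makes a library call abort the host process if `nlmsg_reserve()` fails, and the only thing ruling that out is the comment's assumption that the message buffer size is always a multiple of NLMSG_ALIGNTO; nothing in this hunk checks or enforces it. Since `nla_nest_end()` already returns `int`, the failure could be reported to the caller instead, e.g. `if (!nlmsg_reserve(msg, pad, 0)) return -NLE_NOMEM;`, with the `@return` documentation updated to match. It is also not visible here whether `nlmsg_reserve()` clears the bytes it hands out when its pad argument is 0; if it does not, the padding should be zeroed explicitly so that stale buffer contents are not sent in the message. The body of `nla_nest_end()` continues outside the hunk.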