From 71ef4b773ae4cc737dde645b76b8ffa0ace227e5 Mon Sep 17 00:00:00 2001
From: Trent Lloyd <lathiat@bur.st>
Date: Mon, 6 Nov 2006 14:01:51 +0000
Subject: Fix a bug where Avahi does not verify the source of netlink messages
 (Closes #69) Update NEWS/configure for 0.6.15

git-svn-id: file:///home/lennart/svn/public/avahi/trunk@1331 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe
---
 avahi-core/netlink.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'avahi-core/netlink.c')

diff --git a/avahi-core/netlink.c b/avahi-core/netlink.c
index b2a6684..893295d 100644
--- a/avahi-core/netlink.c
+++ b/avahi-core/netlink.c
@@ -62,6 +62,12 @@ int avahi_netlink_work(AvahiNetlink *nl, int block) {
 
     p = (struct nlmsghdr *) nl->buffer;
     
+    /* Check that this message originated from the kernel,
+       or a request from avahi itself, and not another process */
+    if ((p->nlmsg_pid != 0) && (p->nlmsg_pid != getpid())) {
+        return -1;
+    }
+
     assert(nl->callback);
     
     for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) {
-- 
cgit