From e12035a23d3f12154f4d4034ee88157b86f3b5e3 Mon Sep 17 00:00:00 2001
From: Phil Sutter <psutter@redhat.com>
Date: Thu, 18 Feb 2016 13:38:12 +0100
Subject: [PATCH] neighbor: check return values

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1277094
Upstream Status: iproute2.git commit 542b0cc759c6d

commit 542b0cc759c6d3456d16c05c886b367e1b2f1e73
Author: Stephen Hemminger <shemming@brocade.com>
Date:   Tue Jan 13 18:06:16 2015 -0800

    neighbor: check return values

    Need to check for invalid address and buffer overrun in ip neigh
    command with invalid paramters.
---
 ip/ipneigh.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/ip/ipneigh.c b/ip/ipneigh.c
index 71a4100..c47f005 100644
--- a/ip/ipneigh.c
+++ b/ip/ipneigh.c
@@ -157,14 +157,19 @@ static int ipneigh_modify(int cmd, int flags, int argc, char **argv)
 		exit(-1);
 	}
 	req.ndm.ndm_family = dst.family;
-	addattr_l(&req.n, sizeof(req), NDA_DST, &dst.data, dst.bytelen);
+	if (addattr_l(&req.n, sizeof(req), NDA_DST, &dst.data, dst.bytelen) < 0)
+		return -1;
 
 	if (lla && strcmp(lla, "null")) {
 		char llabuf[20];
 		int l;
 
 		l = ll_addr_a2n(llabuf, sizeof(llabuf), lla);
-		addattr_l(&req.n, sizeof(req), NDA_LLADDR, llabuf, l);
+		if (l < 0)
+			return -1;
+
+		if (addattr_l(&req.n, sizeof(req), NDA_LLADDR, llabuf, l) < 0)
+			return -1;
 	}
 
 	ll_init_map(&rth);
-- 
1.8.3.1