[NETFILTER]: arp_tables: resync get_entries() with ip_tables

Resync get_entries() with ip_tables.c by moving the checks from the
setsockopt handler to the function itself.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 33e8d53..029df76 100644 (file)
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -825,23 +825,35 @@ static int get_info(void __user *user, int *len)
        return ret;
 }
 
-static int get_entries(const struct arpt_get_entries *entries,
-                      struct arpt_get_entries __user *uptr)
+static int get_entries(struct arpt_get_entries __user *uptr, int *len)
 {
        int ret;
+       struct arpt_get_entries get;
        struct arpt_table *t;
 
-       t = xt_find_table_lock(NF_ARP, entries->name);
+       if (*len < sizeof(get)) {
+               duprintf("get_entries: %u < %Zu\n", *len, sizeof(get));
+               return -EINVAL;
+       }
+       if (copy_from_user(&get, uptr, sizeof(get)) != 0)
+               return -EFAULT;
+       if (*len != sizeof(struct arpt_get_entries) + get.size) {
+               duprintf("get_entries: %u != %Zu\n", *len,
+                        sizeof(struct arpt_get_entries) + get.size);
+               return -EINVAL;
+       }
+
+       t = xt_find_table_lock(NF_ARP, get.name);
        if (t && !IS_ERR(t)) {
                struct xt_table_info *private = t->private;
                duprintf("t->private->number = %u\n",
                         private->number);
-               if (entries->size == private->size)
+               if (get.size == private->size)
                        ret = copy_entries_to_user(private->size,
                                                   t, uptr->entrytable);
                else {
                        duprintf("get_entries: I've got %u not %u!\n",
-                                private->size, entries->size);
+                                private->size, get.size);
                        ret = -EINVAL;
                }
                module_put(t->me);
@@ -1055,22 +1067,9 @@ static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len
                ret = get_info(user, len);
                break;
 
-       case ARPT_SO_GET_ENTRIES: {
-               struct arpt_get_entries get;
-
-               if (*len < sizeof(get)) {
-                       duprintf("get_entries: %u < %Zu\n", *len, sizeof(get));
-                       ret = -EINVAL;
-               } else if (copy_from_user(&get, user, sizeof(get)) != 0) {
-                       ret = -EFAULT;
-               } else if (*len != sizeof(struct arpt_get_entries) + get.size) {
-                       duprintf("get_entries: %u != %Zu\n", *len,
-                                sizeof(struct arpt_get_entries) + get.size);
-                       ret = -EINVAL;
-               } else
-                       ret = get_entries(&get, user);
+       case ARPT_SO_GET_ENTRIES:
+               ret = get_entries(user, len);
                break;
-       }
 
        case ARPT_SO_GET_REVISION_TARGET: {
                struct xt_get_revision rev;