lisa/android_kernel_xiaomi_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d7e0d19aa0
android_kernel_xiaomi_sm8350/net/sctp
History
Dan Rosenberg d7e0d19aa0 sctp: prevent reading out-of-bounds memory 
Two user-controlled allocations in SCTP are subsequently dereferenced as
sockaddr structs, without checking if the dereferenced struct members fall
beyond the end of the allocated chunk.  There doesn't appear to be any
information leakage here based on how these members are used and
additional checking, but it's still worth fixing.

[akpm@linux-foundation.org: remove unfashionable newlines, fix gmail tab->space conversion]
Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-03 21:58:48 -07:00
..
associola.c fix typos concerning "initiali[zs]e" 2010-06-16 18:05:05 +02:00
auth.c
bind_addr.c
chunk.c sctp: Tag messages that can be Nagle delayed at creation. 2010-04-30 22:41:10 -04:00
command.c
debug.c
endpointola.c Merge branch 'net-next' of git://git.kernel.org/pub/scm/linux/kernel/git/vxy/lksctp-dev 2010-05-03 16:24:31 -07:00
input.c sctp: Fix a race between ICMP protocol unreachable and connect() 2010-05-06 00:56:07 -07:00
inqueue.c
ipv6.c
Kconfig sctp: implement sctp association probing module 2010-04-30 22:41:09 -04:00
Makefile sctp: implement sctp association probing module 2010-04-30 22:41:09 -04:00
objcnt.c
output.c sctp: Do not reset the packet during sctp_packet_config(). 2010-09-17 16:47:56 -07:00
outqueue.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
primitive.c
probe.c Merge branch 'net-next' of git://git.kernel.org/pub/scm/linux/kernel/git/vxy/lksctp-dev 2010-05-03 16:24:31 -07:00
proc.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
protocol.c Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-08-04 15:31:02 -07:00
sm_make_chunk.c net: use __packed annotation 2010-06-03 03:21:52 -07:00
sm_sideeffect.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
sm_statefuns.c sctp: fix test for end of loop 2010-09-09 15:00:29 -07:00
sm_statetable.c
socket.c sctp: prevent reading out-of-bounds memory 2010-10-03 21:58:48 -07:00
ssnmap.c
sysctl.c
transport.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-05-16 22:26:58 -07:00
tsnmap.c
ulpevent.c
ulpqueue.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00