| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130227204144.GA11300@longonot.mountain> Date: Wed, 27 Feb 2013 23:41:44 +0300 From: Dan Carpenter <dan.carpenter@...cle.com> To: Vlad Yasevich <vyasevich@...il.com>, Michele Baldessari <michele@...syn.org> Cc: Sridhar Samudrala <sri@...ibm.com>, Neil Horman <nhorman@...driver.com>, "David S. Miller" <davem@...emloft.net>, linux-sctp@...r.kernel.org, netdev@...r.kernel.org, kernel-janitors@...r.kernel.org Subject: [patch] sctp: check len in sctp_getsockopt_assoc_stats() This check is missing an upper bound. Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com> --- This should go in 3.8 -stable as well. diff --git a/net/sctp/socket.c b/net/sctp/socket.c index c99458d..fbd8386 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -5652,6 +5652,8 @@ static int sctp_getsockopt_assoc_stats(struct sock *sk, int len, /* User must provide at least the assoc id */ if (len < sizeof(sctp_assoc_t)) return -EINVAL; + if (len > sizeof(struct sctp_assoc_stats)) + len = sizeof(struct sctp_assoc_stats); if (copy_from_user(&sas, optval, len)) return -EFAULT; -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists