| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jun 2013 09:33:23 -0700 From: Eric Dumazet <eric.dumazet@...il.com> To: Changli Gao <xiaosuo@...il.com> Cc: "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org Subject: Re: [PATCH v2] net: Check the argument for listen(2) On Sat, 2013-06-29 at 00:22 +0800, Changli Gao wrote: > As we use u16 to save the value of the argument for listen(2), > we'd better check if the value is larger than SINT_MAX other > than cut it down silently on error. > --- > net/ipv4/af_inet.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c > index b4d0be2..35aaf00 100644 > --- a/net/ipv4/af_inet.c > +++ b/net/ipv4/af_inet.c > @@ -198,6 +198,9 @@ int inet_listen(struct socket *sock, int backlog) > unsigned char old_state; > int err; > > + if (backlog >= (1 << 16)) > + return -EINVAL; > + > lock_sock(sk); > > err = -EINVAL; Well, there is still this possible regression for old applications. Just use u32 fields instead of u16 ? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists