| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <566F51C1.7000600@stressinduktion.org> Date: Tue, 15 Dec 2015 00:33:21 +0100 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: Cong Wang <cwang@...pensource.com> Cc: netdev <netdev@...r.kernel.org> Subject: Re: [PATCH net] pptp: validate sockaddr_len before binding On 14.12.2015 23:58, Cong Wang wrote: > On Mon, Dec 14, 2015 at 2:45 PM, Hannes Frederic Sowa > <hannes@...essinduktion.org> wrote: >> diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c >> index fc69e41d09506e..f9ffdf070ad807 100644 >> --- a/drivers/net/ppp/pptp.c >> +++ b/drivers/net/ppp/pptp.c >> @@ -419,6 +419,9 @@ static int pptp_bind(struct socket *sock, struct sockaddr *uservaddr, >> struct pptp_opt *opt = &po->proto.pptp; >> int error = 0; >> >> + if (sockaddr_len < sizeof(*sp)) >> + return -EINVAL; >> + > > I sent a very similar patch: > https://patchwork.ozlabs.org/patch/556663/ Ah, thanks. Did not notice. The connect() part is also already in my queue, but I don't think it solves the use-after-free. The RCU implementation of callid_sock seems broken to me. David, discard my patch. Thanks, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists