[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200723.121037.1733642913138811577.davem@davemloft.net>
Date: Thu, 23 Jul 2020 12:10:37 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: dan.carpenter@...cle.com
Cc: jreuter@...na.de, yepeilin.cs@...il.com, ralf@...ux-mips.org,
kuba@...nel.org, linux-hams@...r.kernel.org,
netdev@...r.kernel.org, gregkh@...uxfoundation.org,
syzkaller-bugs@...glegroups.com,
linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH net] AX.25: Prevent integer overflows in connect and
sendmsg
From: Dan Carpenter <dan.carpenter@...cle.com>
Date: Thu, 23 Jul 2020 17:49:57 +0300
> We recently added some bounds checking in ax25_connect() and
> ax25_sendmsg() and we so we removed the AX25_MAX_DIGIS checks because
> they were no longer required.
>
> Unfortunately, I believe they are required to prevent integer overflows
> so I have added them back.
>
> Fixes: 8885bb0621f0 ("AX.25: Prevent out-of-bounds read in ax25_sendmsg()")
> Fixes: 2f2a7ffad5c6 ("AX.25: Fix out-of-bounds read in ax25_connect()")
> Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
Applied, thanks Dan.
Powered by blists - more mailing lists