[09/13] [XFRM]: Fix possible overflow of sock->sk_policy

From: Chris Wright
Date: Wed Aug 03 2005 - 02:20:42 EST

Next message: Chris Wright: "[06/13] [NETFILTER]: Fix deadlock in ip6_queue"
Previous message: Chris Wright: "[10/13] [PATCH] bio_clone fix"
In reply to: Jens Axboe: "Re: [10/13] [PATCH] bio_clone fix"
Next in thread: Chris Wright: "[06/13] [NETFILTER]: Fix deadlock in ip6_queue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-stable review patch. If anyone has any objections, please let us know.

------------------

From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>

[XFRM]: Fix possible overflow of sock->sk_policy

Spotted by, and original patch by, Balazs Scheidler.

Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Chris Wright <chrisw@xxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
---
net/xfrm/xfrm_user.c | 3 +++
1 files changed, 3 insertions(+)

--- linux-2.6.12.3.orig/net/xfrm/xfrm_user.c 2005-07-28 11:17:01.000000000 -0700
+++ linux-2.6.12.3/net/xfrm/xfrm_user.c 2005-07-28 11:17:18.000000000 -0700
@@ -1180,6 +1180,9 @@
if (nr > XFRM_MAX_DEPTH)
return NULL;

+ if (p->dir > XFRM_POLICY_OUT)
+ return NULL;
+
xp = xfrm_policy_alloc(GFP_KERNEL);
if (xp == NULL) {
*dir = -ENOBUFS;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chris Wright: "[06/13] [NETFILTER]: Fix deadlock in ip6_queue"
Previous message: Chris Wright: "[10/13] [PATCH] bio_clone fix"
In reply to: Jens Axboe: "Re: [10/13] [PATCH] bio_clone fix"
Next in thread: Chris Wright: "[06/13] [NETFILTER]: Fix deadlock in ip6_queue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]