]> www.infradead.org Git - users/jedix/linux-maple.git/commit
projects / users / jedix / linux-maple.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 99e9c71) | patch
net/packet: fix overflow in check for tp_reserve
authorAndrey Konovalov <andreyknvl@google.com>
Wed, 29 Mar 2017 14:11:22 +0000 (16:11 +0200)
committerChuck Anderson <chuck.anderson@oracle.com>
Thu, 1 Jun 2017 06:07:17 +0000 (23:07 -0700)
commit215eb22368830bb78f9fe41b5d6d24176529bf1e
tree6ae5deae18f0fc7b876fa0fbf33f592ea7467188tree
parent99e9c71be7b70f7ed58e6768612a376c64de00bfcommit | diff
net/packet: fix overflow in check for tp_reserve

Orabug: 25813773
CVE: CVE-2017-7308

When calculating po->tp_hdrlen + po->tp_reserve the result can overflow.

Fix by checking that tp_reserve <= INT_MAX on assign.

Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit bcc5364bdcfe131e6379363f089e7b4108d35b70)
Signed-off-by: Brian Maly <brian.maly@oracle.com>
net/packet/af_packet.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.