www.infradead.org Git - users/jedix/linux-maple.git/commit

]> www.infradead.org Git - users/jedix/linux-maple.git/commit

projects / users / jedix / linux-maple.git / commit

author	Jason Wang <jasowang@redhat.com>
	Wed, 30 May 2012 21:18:10 +0000 (21:18 +0000)
committer	Maxim Uvarov <maxim.uvarov@oracle.com>
	Tue, 19 Jun 2012 10:55:18 +0000 (03:55 -0700)
commit	41db6ec59cc5e5c74ecebb6e2a45f5389502ea39
tree	94f40d7bbebe3b0ff34f4259fe41b90f6e47250c	tree
parent	4f0f1f054650fcb50389b34362d419ebbfd97afe	commit \| diff

net: sock: validate data_len before allocating skb in sock_alloc_send_pskb()

Bugdb: 13966
We need to validate the number of pages consumed by data_len, otherwise frags
array could be overflowed by userspace. So this patch validate data_len and
return -EMSGSIZE when data_len may occupies more frags than MAX_SKB_FRAGS.
This fixes: CVE-2012-2136
Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/core/sock.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom