iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Pablo Neira Ayuso 8ef576491c netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code 
commit 4c559f15efcc43b996f4da528cd7f9483aaca36d upstream.

Dan Carpenter says: "Smatch complains that the value for "cmd" comes
from the network and can't be trusted."

Add pptp_msg_name() helper function that checks for the array boundary.

Fixes: f09943fefe6b ("[NETFILTER]: nf_conntrack/nf_nat: add PPTP helper port")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-06-03 08:16:46 +02:00
..
6lowpan
6lowpan: Off by one handling ->nexthdr
2020-01-29 10:24:22 +01:00
9p
9p/virtio: Add cleanup path in p9_virtio_init
2019-08-04 09:33:28 +02:00
802
8021q
vlan: fix memory leak in vlan_dev_set_egress_priority
2020-01-12 11:24:27 +01:00
appletalk
appletalk: Set error code if register_snap_client failed
2019-12-21 10:41:45 +01:00
atm
net: atm: Fix potential Spectre v1 vulnerabilities
2019-04-27 09:34:40 +02:00
ax25
ax25: fix setsockopt(SO_BINDTODEVICE)
2020-06-03 08:16:22 +02:00
batman-adv
batman-adv: Fix refcnt leak in batadv_v_ogm_process
2020-05-20 08:15:29 +02:00
bluetooth
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
2020-04-13 10:32:57 +02:00
bridge
netfilter: nft_reject_bridge: enable reject with bridge vlan
2020-06-03 08:16:45 +02:00
caif
caif: reduce stack size with KASAN
2019-05-08 07:19:07 +02:00
can
can: purge socket error queue on sock destruct
2019-07-10 09:55:33 +02:00
ceph
libceph: ignore pool overlay and cache logic on redirects
2020-06-03 08:16:41 +02:00
core
netprio_cgroup: Fix unlimited memory leak of v2 cgroups
2020-05-20 08:15:39 +02:00
dcb
net: dcb: For wild-card lookups, use priority -1, not 0
2018-09-19 22:47:15 +02:00
dccp
net: ipv6: add net argument to ip6_dst_lookup_flow
2020-05-20 08:15:30 +02:00
decnet
decnet: fix DN_IFREQ_SIZE
2019-12-05 15:35:12 +01:00
dns_resolver
KEYS: DNS: fix parsing multiple options
2018-07-22 14:27:39 +02:00
dsa
net: dsa: tag_brcm: Fix skb->fwd_offload_mark location
2020-04-13 10:32:53 +02:00
ethernet
net: add annotations on hh->hh_len lockless accesses
2020-01-12 11:24:19 +01:00
hsr
hsr: check protocol version in hsr_newlink()
2020-04-24 07:59:02 +02:00
ieee802154
nl802154: add missing attribute validation for dev_type
2020-03-20 09:07:39 +01:00
ipv4
netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
2020-06-03 08:16:46 +02:00
ipv6
Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu"
2020-05-20 08:15:39 +02:00
ipx
ipx: call ipxitf_put() in ioctl error path
2017-05-25 15:44:41 +02:00
irda
irda: Only insert new objects into the global database via setsockopt
2018-09-15 09:43:01 +02:00
iucv
net/af_iucv: always register net_device notifier
2020-01-29 10:24:26 +01:00
kcm
kcm: switch order of device registration to fix a crash
2019-04-17 08:36:44 +02:00
key
xfrm: clean up xfrm protocol checks
2019-09-16 08:19:32 +02:00
l2tp
l2tp: device MTU setup, tunnel socket needs a lock
2020-05-27 16:42:00 +02:00
l3mdev
net: ipv6: Remove l3mdev_get_saddr6
2016-09-10 23:12:53 -07:00
lapb
lapb: fixed leak of control-blocks.
2019-06-22 08:17:22 +02:00
llc
llc: fix sk_buff refcounting in llc_conn_state_process()
2020-01-29 10:24:33 +01:00
mac80211
mac80211: mesh: fix discovery timer re-arming issue / crash
2020-06-03 08:16:43 +02:00
mac802154
net: mac802154: tx: expand tailroom if necessary
2018-09-09 20:01:19 +02:00
mpls
net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup
2020-05-20 08:15:30 +02:00
ncsi
net/ncsi: Improve HNCDSC AEN handler
2016-10-20 11:23:08 -04:00
netfilter
netfilter: nf_conntrack_pptp: prevent buffer overflows in debug code
2020-06-03 08:16:46 +02:00
netlabel
netlabel: cope with NULL catmap
2020-05-20 08:15:39 +02:00
netlink
net: netlink: cap max groups which will be considered in netlink_bind()
2020-03-11 07:53:07 +01:00
netrom
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
2020-05-02 17:23:08 +02:00
nfc
nfc: add missing attribute validation for vendor subcommand
2020-03-20 09:07:40 +01:00
openvswitch
openvswitch: support asymmetric conntrack
2019-12-21 10:42:23 +01:00
packet
packet: fix data-race in fanout_flow_is_huge()
2020-01-29 10:24:35 +01:00
phonet
phonet: fix building with clang
2019-03-23 13:19:44 +01:00
qrtr
net: qrtr: Fix passing invalid reference to qrtr_local_enqueue()
2020-06-03 08:16:29 +02:00
rds
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
2020-01-29 10:24:32 +01:00
rfkill
rfkill: Fix incorrect check to avoid NULL pointer dereference
2020-01-12 11:24:23 +01:00
rose
net: rose: fix a possible stack overflow
2019-04-03 06:24:14 +02:00
rxrpc
rxrpc: Fix service call disconnection
2020-02-14 16:31:08 -05:00
sched
sch_sfq: validate silly quantum values
2020-05-20 08:15:25 +02:00
sctp
sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed
2020-06-03 08:16:27 +02:00
strparser
strparser: Fix incorrect strp->need_bytes value.
2018-04-29 11:32:02 +02:00
sunrpc
xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
2020-05-10 10:28:03 +02:00
switchdev
switchdev: Execute bridge ndos only for bridge ports
2016-10-19 10:58:04 -04:00
tipc
net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup
2020-05-20 08:15:30 +02:00
unix
net: fix warning in af_unix
2019-11-28 18:28:28 +01:00
vmw_vsock
VSOCK: bind to random port for VMADDR_PORT_ANY
2019-12-05 15:34:26 +01:00
wimax
wireless
cfg80211: check reg_rule for NULL in handle_channel_custom()
2020-03-20 09:07:57 +01:00
x25
net/x25: Fix x25_neigh refcnt leak when receiving frame
2020-05-02 17:23:08 +02:00
xfrm
xfrm: fix a NULL-ptr deref in xfrm_local_error
2020-06-03 08:16:44 +02:00
compat.c
sock: Make sock->sk_stamp thread-safe
2019-01-09 16:16:41 +01:00
Kconfig
Makefile
socket.c
l2tp: device MTU setup, tunnel socket needs a lock
2020-05-27 16:42:00 +02:00
sysctl_net.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2016-10-06 09:52:23 -07:00