iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Dan Carpenter db31c55a6f net: clamp ->msg_namelen instead of returning an error 
If kmsg->msg_namelen > sizeof(struct sockaddr_storage) then in the
original code that would lead to memory corruption in the kernel if you
had audit configured.  If you didn't have audit configured it was
harmless.

There are some programs such as beta versions of Ruby which use too
large of a buffer and returning an error code breaks them.  We should
clamp the ->msg_namelen value instead.

Fixes: 1661bf364ae9 ("net: heap overflow in __audit_sockaddr()")
Reported-by: Eric Wong <normalperson@yhbt.net>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Tested-by: Eric Wong <normalperson@yhbt.net>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-29 16:12:52 -05:00
..
9p
Nothing really exciting: some groundwork for changing virtio endian, and
2013-11-15 13:28:47 +09:00
802
mrp: add periodictimer to allow retries when packets get lost
2013-09-23 16:53:52 -04:00
8021q
Merge branch 'core-locking-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2013-11-14 16:30:30 +09:00
appletalk
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
atm
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
ax25
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
batman-adv
batman-adv: generalize batman-adv icmp packet handling
2013-10-23 17:03:47 +02:00
bluetooth
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem
2013-11-21 10:26:17 -05:00
bridge
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
2013-11-21 12:44:15 -05:00
caif
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
can
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
2013-11-15 16:47:22 -08:00
ceph
net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function prototypes
2013-10-19 19:12:11 -04:00
core
gso: handle new frag_list of frags GRO packets
2013-11-21 14:11:50 -05:00
dcb
dccp
ipv4: introduce new IP_MTU_DISCOVER mode IP_PMTUDISC_INTERFACE
2013-11-05 21:52:27 -05:00
decnet
netfilter: pass hook ops to hookfn
2013-10-14 11:29:31 +02:00
dns_resolver
net: strict_strtoul is obsolete, use kstrtoul instead
2013-07-12 16:09:14 -07:00
dsa
net: dsa: inherit addr_assign_type along with dev_addr
2013-09-03 20:57:49 -04:00
ethernet
ethernet: use likely() for common Ethernet encap
2013-09-30 21:52:53 -07:00
hsr
genetlink: make multicast groups const, prevent abuse
2013-11-19 16:39:06 -05:00
ieee802154
genetlink: make multicast groups const, prevent abuse
2013-11-19 16:39:06 -05:00
ipv4
net: remove outdated comment for ipv4 and ipv6 protocol handler
2013-11-28 18:47:51 -05:00
ipv6
net: remove outdated comment for ipv4 and ipv6 protocol handler
2013-11-28 18:47:51 -05:00
ipx
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
irda
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
iucv
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
key
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
l2tp
inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions
2013-11-23 14:46:23 -08:00
lapb
net/lapb: re-send packets on timeout
2013-09-23 16:52:45 -04:00
llc
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
mac80211
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next into for-davem
2013-11-08 09:03:10 -05:00
mac802154
6lowpan: set and use mac_len for mac header length
2013-10-30 17:18:46 -04:00
mpls
ipip: add GSO/TSO support
2013-10-19 19:36:19 -04:00
netfilter
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
2013-11-21 12:44:15 -05:00
netlabel
genetlink: only pass array to genl_register_family_with_ops()
2013-11-19 16:39:05 -05:00
netlink
genetlink/pmcraid: use proper genetlink multicast API
2013-11-28 18:26:30 -05:00
netrom
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
nfc
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
openvswitch
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2013-11-19 15:50:47 -08:00
packet
af_packet: block BH in prb_shutdown_retire_blk_timer()
2013-11-29 16:11:08 -05:00
phonet
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2013-11-19 15:50:47 -08:00
rds
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
rfkill
net: rfkill: gpio: add ACPI support
2013-10-28 15:05:25 +01:00
rose
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
rxrpc
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
sched
sch_tbf: handle too small burst
2013-11-23 14:46:25 -08:00
sctp
sctp: Restore 'resent' bit to avoid retransmitted chunks for RTT measurements
2013-11-28 18:29:58 -05:00
sunrpc
NFS client bugfixes:
2013-11-16 13:14:56 -08:00
tipc
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
unix
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
vmw_vsock
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
wimax
wimax: remove dead code
2013-11-21 13:09:42 -05:00
wireless
genetlink: make multicast groups const, prevent abuse
2013-11-19 16:39:06 -05:00
x25
net: rework recvmsg handler msg_name and msg_namelen logic
2013-11-20 21:52:30 -05:00
xfrm
net: move pskb_put() to core code
2013-11-07 19:28:58 -05:00
compat.c
net: clamp ->msg_namelen instead of returning an error
2013-11-29 16:12:52 -05:00
Kconfig
net/hsr: Add support for the High-availability Seamless Redundancy protocol (HSRv0)
2013-11-03 23:20:14 -05:00
Makefile
net/hsr: Add support for the High-availability Seamless Redundancy protocol (HSRv0)
2013-11-03 23:20:14 -05:00
nonet.c
socket.c
net: clamp ->msg_namelen instead of returning an error
2013-11-29 16:12:52 -05:00
sysctl_net.c
net: Update the sysctl permissions handler to test effective uid/gid
2013-10-07 15:57:56 -04:00