bybrooklyn/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-05 23:05:25 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
171d449a028573b2f0acdc7f31ecbb045391b320
linux/net/xfrm
History
Xin Long 171d449a02 xfrm: fix uctx len check in verify_sec_ctx_len 
It's not sufficient to do 'uctx->len != (sizeof(struct xfrm_user_sec_ctx) +
uctx->ctx_len)' check only, as uctx->len may be greater than nla_len(rt),
in which case it will cause slab-out-of-bounds when accessing uctx->ctx_str
later.

This patch is to fix it by return -EINVAL when uctx->len > nla_len(rt).

Fixes: df71837d50 ("[LSM-IPSec]: Security association restriction.")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2020-02-12 11:06:32 +01:00
..
espintcp.c
xfrm: add espintcp (RFC 8229)
2019-12-09 09:59:07 +01:00
Kconfig
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next
2019-11-25 20:02:57 -08:00
Makefile
xfrm: add espintcp (RFC 8229)
2019-12-09 09:59:07 +01:00
xfrm_algo.c
crypto: skcipher - remove the "blkcipher" algorithm type
2019-11-01 13:38:32 +08:00
xfrm_device.c
xfrm: handle NETDEV_UNREGISTER for xfrm device
2020-02-04 12:43:46 +01:00
xfrm_hash.c
mm: remove include/linux/bootmem.h
2018-10-31 08:54:16 -07:00
xfrm_hash.h
xfrm: use complete IPv6 addresses for hash
2018-10-15 10:09:18 +02:00
xfrm_inout.h
xfrm: remove input2 indirection from xfrm_mode
2019-04-08 09:14:55 +02:00
xfrm_input.c
xfrm: introduce xfrm_trans_queue_net
2019-12-09 09:59:07 +01:00
xfrm_interface.c
xfrm: interface: do not confirm neighbor when do pmtu update
2020-01-14 08:55:38 +01:00
xfrm_ipcomp.c
net: Use skb_frag_off accessors
2019-07-30 14:21:32 -07:00
xfrm_output.c
net: xfrm: use skb_list_walk_safe helper for gso segments
2020-01-14 11:48:41 -08:00
xfrm_policy.c
xfrm: add espintcp (RFC 8229)
2019-12-09 09:59:07 +01:00
xfrm_proc.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
xfrm_replay.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 335
2019-06-05 17:37:06 +02:00
xfrm_state.c
xfrm: add espintcp (RFC 8229)
2019-12-09 09:59:07 +01:00
xfrm_sysctl.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
xfrm_user.c
xfrm: fix uctx len check in verify_sec_ctx_len
2020-02-12 11:06:32 +01:00