ROSE wasn't verifying the ndigis argument of a new route resulting in a
minor security hole.
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/rose/rose_route.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletion(-)
--- linux-2.6.11.10.orig/net/rose/rose_route.c 2005-05-16 10:52:02.000000000 -0700
+++ linux-2.6.11.10/net/rose/rose_route.c 2005-05-20 09:36:34.381946976 -0700
@@ -727,7 +727,8 @@
}
if (rose_route.mask > 10) /* Mask can't be more than 10 digits */
return -EINVAL;
-
+ if (rose_route.ndigis > 8) /* No more than 8 digipeats */
+ return -EINVAL;
err = rose_add_node(&rose_route, dev);
dev_put(dev);
return err;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]