[09/13] [XFRM]: Fix possible overflow of sock->sk_policy

-stable review patch.  If anyone has any objections, please let us know.

------------------

From: Herbert Xu <[email protected]>

[XFRM]: Fix possible overflow of sock->sk_policy

Spotted by, and original patch by, Balazs Scheidler.

Signed-off-by: Herbert Xu <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Chris Wright <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
 net/xfrm/xfrm_user.c |    3 +++
 1 files changed, 3 insertions(+)

--- linux-2.6.12.3.orig/net/xfrm/xfrm_user.c	2005-07-28 11:17:01.000000000 -0700
+++ linux-2.6.12.3/net/xfrm/xfrm_user.c	2005-07-28 11:17:18.000000000 -0700
@@ -1180,6 +1180,9 @@
 	if (nr > XFRM_MAX_DEPTH)
 		return NULL;
 
+	if (p->dir > XFRM_POLICY_OUT)
+		return NULL;
+
 	xp = xfrm_policy_alloc(GFP_KERNEL);
 	if (xp == NULL) {
 		*dir = -ENOBUFS;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

References:
- [00/13] -stable review
  - From: Chris Wright <[email protected]>

Prev by Date: [10/13] [PATCH] bio_clone fix
Next by Date: [06/13] [NETFILTER]: Fix deadlock in ip6_queue
Previous by thread: Re: [10/13] [PATCH] bio_clone fix
Next by thread: [06/13] [NETFILTER]: Fix deadlock in ip6_queue
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind]