"0c5dc070ff3d6246d22ddd931f23a6266249e3db" (history) in projects: openbmc

Searched hist:"0 c5dc070ff3d6246d22ddd931f23a6266249e3db" (Results 1 – 6 of 6) sorted by relevance

/openbmc/linux/net/sctp/
H A D	bind_addr.c	diff 0c5dc070ff3d6246d22ddd931f23a6266249e3db Mon Jun 28 14:13:41 CDT 2021 Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> sctp: validate from_addr_param return Ilja reported that, simply putting it, nothing was validating that from_addr_param functions were operating on initialized memory. That is, the parameter itself was being validated by sctp_walk_params, but it doesn't check for types and their specific sizes and it could be a 0-length one, causing from_addr_param to potentially work over the next parameter or even uninitialized memory. The fix here is to, in all calls to from_addr_param, check if enough space is there for the wanted IP address type. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
H A D	input.c	diff 0c5dc070ff3d6246d22ddd931f23a6266249e3db Mon Jun 28 14:13:41 CDT 2021 Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> sctp: validate from_addr_param return Ilja reported that, simply putting it, nothing was validating that from_addr_param functions were operating on initialized memory. That is, the parameter itself was being validated by sctp_walk_params, but it doesn't check for types and their specific sizes and it could be a 0-length one, causing from_addr_param to potentially work over the next parameter or even uninitialized memory. The fix here is to, in all calls to from_addr_param, check if enough space is there for the wanted IP address type. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
H A D	ipv6.c	diff 0c5dc070ff3d6246d22ddd931f23a6266249e3db Mon Jun 28 14:13:41 CDT 2021 Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> sctp: validate from_addr_param return Ilja reported that, simply putting it, nothing was validating that from_addr_param functions were operating on initialized memory. That is, the parameter itself was being validated by sctp_walk_params, but it doesn't check for types and their specific sizes and it could be a 0-length one, causing from_addr_param to potentially work over the next parameter or even uninitialized memory. The fix here is to, in all calls to from_addr_param, check if enough space is there for the wanted IP address type. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
H A D	sm_make_chunk.c	diff 0c5dc070ff3d6246d22ddd931f23a6266249e3db Mon Jun 28 14:13:41 CDT 2021 Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> sctp: validate from_addr_param return Ilja reported that, simply putting it, nothing was validating that from_addr_param functions were operating on initialized memory. That is, the parameter itself was being validated by sctp_walk_params, but it doesn't check for types and their specific sizes and it could be a 0-length one, causing from_addr_param to potentially work over the next parameter or even uninitialized memory. The fix here is to, in all calls to from_addr_param, check if enough space is there for the wanted IP address type. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
H A D	protocol.c	diff 0c5dc070ff3d6246d22ddd931f23a6266249e3db Mon Jun 28 14:13:41 CDT 2021 Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> sctp: validate from_addr_param return Ilja reported that, simply putting it, nothing was validating that from_addr_param functions were operating on initialized memory. That is, the parameter itself was being validated by sctp_walk_params, but it doesn't check for types and their specific sizes and it could be a 0-length one, causing from_addr_param to potentially work over the next parameter or even uninitialized memory. The fix here is to, in all calls to from_addr_param, check if enough space is there for the wanted IP address type. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
/openbmc/linux/include/net/sctp/
H A D	structs.h	diff 0c5dc070ff3d6246d22ddd931f23a6266249e3db Mon Jun 28 14:13:41 CDT 2021 Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> sctp: validate from_addr_param return Ilja reported that, simply putting it, nothing was validating that from_addr_param functions were operating on initialized memory. That is, the parameter itself was being validated by sctp_walk_params, but it doesn't check for types and their specific sizes and it could be a 0-length one, causing from_addr_param to potentially work over the next parameter or even uninitialized memory. The fix here is to, in all calls to from_addr_param, check if enough space is there for the wanted IP address type. Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Project(s)

Full Search
Definition
Symbol
File Path
History
Type