git.baikalelectronics.ru Git - kernel.git/commit

author	Paul Moore <paul@paul-moore.com>
	Tue, 26 Feb 2019 00:06:06 +0000 (19:06 -0500)
committer	David S. Miller <davem@davemloft.net>
	Thu, 28 Feb 2019 05:45:24 +0000 (21:45 -0800)
commit	05d7748cdb0025e6c955a866e71b85023963975c
tree	57b5851e93a59389e6a1bb0cfaee81d1c586ba5f	tree \| snapshot
parent	8fb94e9e3b951572b001108eda7c41339bfa9636	commit \| diff

netlabel: fix out-of-bounds memory accesses

There are two array out-of-bounds memory accesses, one in
cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk(). Both
errors are embarassingly simple, and the fixes are straightforward.

As a FYI for anyone backporting this patch to kernels prior to v4.8,
you'll want to apply the netlbl_bitmap_walk() patch to
cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before
Linux v4.8.

Reported-by: Jann Horn <jannh@google.com>
Fixes: 3bb76b642333 ("[NetLabel]: CIPSOv4 engine")
Fixes: 2a891dca77d4 ("netlabel: Move bitmap manipulation functions to the NetLabel core.")
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv4/cipso_ipv4.c		diff \| blob \| history
net/netlabel/netlabel_kapi.c		diff \| blob \| history