]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0c41291) | patch
sctp: Make sure N * sizeof(union sctp_addr) does not overflow.
authorDavid S. Miller <davem@davemloft.net>
Sat, 21 Jun 2008 05:04:34 +0000 (22:04 -0700)
committerDavid S. Miller <davem@davemloft.net>
Sat, 21 Jun 2008 05:04:34 +0000 (22:04 -0700)
commit9c58e12db0a3de108e8dcdd5455fd20cc4d06571
treeb047160a720011021b148350e42d8cc020f06a61tree | snapshot
parent0c41291a3aee3c77b5d0653905d405a58f693acccommit | diff
sctp: Make sure N * sizeof(union sctp_addr) does not overflow.

As noticed by Gabriel Campana, the kmalloc() length arg
passed in by sctp_getsockopt_local_addrs_old() can overflow
if ->addr_num is large enough.

Therefore, enforce an appropriate limit.

Signed-off-by: David S. Miller <davem@davemloft.net>
net/sctp/socket.c diff | blob | history
Linux Kernel Source Tree.