linux/tools
Florian Westphal b0519de8b3 mptcp: fix use-after-free for ipv6
Turns out that when we accept a new subflow, the newly created
inet_sk(tcp_sk)->pinet6 points at the ipv6_pinfo structure of the
listener socket.

This wasn't caught by the selftest because it closes the accepted fd
before the listening one.

adding a close(listenfd) after accept returns is enough:
 BUG: KASAN: use-after-free in inet6_getname+0x6ba/0x790
 Read of size 1 at addr ffff88810e310866 by task mptcp_connect/2518
 Call Trace:
  inet6_getname+0x6ba/0x790
  __sys_getpeername+0x10b/0x250
  __x64_sys_getpeername+0x6f/0xb0

also alter test program to exercise this.

Reported-by: Christoph Paasch <cpaasch@apple.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-02-06 11:25:09 +01:00
..
accounting
arch Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2020-01-31 11:05:33 -08:00
bpf tools/bpf: Allow overriding llvm tools for runqslower 2020-01-27 10:52:57 +01:00
build perf/ui/gtk: Fix gtk2 build 2020-01-14 12:40:33 -03:00
cgroup iocost: Fix iocost_monitor.py due to helper type mismatch 2020-01-17 11:54:35 -08:00
debugging
firewire
firmware
gpio tools: gpio: Correctly add make dependencies for gpio_utils 2019-11-13 13:46:04 +01:00
hv Tools: hv: Reopen the devices if read() or write() returns errors 2020-01-26 22:10:10 -05:00
iio tools: iio: Correctly add make dependency for iio_utils 2019-11-10 17:11:06 +00:00
include bitops: more BITS_TO_* macros 2020-02-04 03:05:26 +00:00
io_uring
kvm/kvm_stat tools/kvm_stat: Fix kvm_exit filter name 2020-01-23 09:51:06 +01:00
laptop
leds
lib Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-01-28 16:02:33 -08:00
memory-model tools/memory-model/Documentation: Add plain accesses and data races to explanation.txt 2019-10-05 11:59:44 -07:00
nfsd
objtool objtool: Fix ARCH=x86_64 build error 2020-01-22 07:54:57 +01:00
pci tools: PCI: Fix fd leakage 2019-10-29 12:04:18 +00:00
pcmcia
perf Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-01-28 16:02:33 -08:00
power More power manadement updates for 5.6-rc1 2020-01-31 14:36:35 -08:00
scripts
spi
testing mptcp: fix use-after-free for ipv6 2020-02-06 11:25:09 +01:00
thermal/tmon
time
usb usbip: Fix unsafe unaligned pointer usage 2020-01-09 16:44:26 +01:00
virtio tools/virtio: xen stub 2019-10-13 09:38:27 -04:00
vm tools/vm/slabinfo: fix sanity checks enabling 2020-01-31 10:30:38 -08:00
wmi
Makefile tools: Keep list of tools in alphabetical order 2019-08-14 10:59:59 -03:00