linux/net/sctp
Marcelo Ricardo Leitner 50619dbf8d sctp: add size validation when walking chunks
The first chunk in a packet is ensured to be present at the beginning of
sctp_rcv(), as a packet needs to have at least 1 chunk. But the second
one may not be completely available and ch->length can be over
uninitialized memory.

Fix here is by only trying to walk on the next chunk if there is enough to
hold at least the header, and then proceed with the ch->length validation
that is already there.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-06-28 15:34:50 -07:00
associola.c sctp: add encap_port for netns sock asoc and transport 2020-10-30 15:24:06 -07:00
auth.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-10-08 15:44:50 -07:00
bind_addr.c sctp: validate from_addr_param return 2021-06-28 15:34:50 -07:00
chunk.c net: sctp: chunk.c: delete duplicated word 2020-08-24 16:21:43 -07:00
debug.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
diag.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-03-12 22:34:48 -07:00
endpointola.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
input.c sctp: add size validation when walking chunks 2021-06-28 15:34:50 -07:00
inqueue.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
ipv6.c sctp: validate from_addr_param return 2021-06-28 15:34:50 -07:00
Kconfig sctp: create udp4 sock and add its encap_rcv 2020-10-30 15:23:52 -07:00
Makefile sctp: rename sctp_diag.c as diag.c 2018-02-13 13:56:31 -05:00
objcnt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
offload.c sctp: remove the NETIF_F_SG flag before calling skb_segment 2021-01-16 19:05:59 -08:00
output.c sctp: move sk_route_caps check and set into sctp_outq_flush_transports 2021-03-19 11:34:49 -07:00
outqueue.c sctp: move sk_route_caps check and set into sctp_outq_flush_transports 2021-03-19 11:34:49 -07:00
primitive.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
proc.c net: fix iteration for sctp transport seq_files 2021-02-08 10:15:49 -08:00
protocol.c sctp: validate from_addr_param return 2021-06-28 15:34:50 -07:00
sm_make_chunk.c sctp: validate from_addr_param return 2021-06-28 15:34:50 -07:00
sm_sideeffect.c sctp: do asoc update earlier in sctp_sf_do_dupcook_b 2021-04-30 15:06:34 -07:00
sm_statefuns.c sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b 2021-05-03 13:32:12 -07:00
sm_statetable.c sctp: remove net sctp.x_enable working as a global switch 2019-08-19 18:27:29 -07:00
socket.c sctp: add the missing setting for asoc encap_port 2021-05-25 15:17:26 -07:00
stream_interleave.c sctp: get netns from asoc and ep base 2019-12-09 20:14:01 -08:00
stream_sched_prio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
stream_sched_rr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 104 2019-05-24 17:39:00 +02:00
stream_sched.c sctp: rename asoc intl_enable to asoc peer.intl_capable 2019-07-08 20:16:25 -07:00
stream.c net: sctp: Fix negotiation of the number of data streams. 2020-08-20 16:37:37 -07:00
sysctl.c sctp: fix the proc_handler for sysctl encap_port 2021-05-25 15:18:29 -07:00
transport.c sctp: Fix some typo 2020-11-23 17:44:11 -08:00
tsnmap.c net: sctp: trivial: fix typo in comment 2021-03-04 13:48:32 -08:00
ulpevent.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-05-31 17:48:46 -07:00
ulpqueue.c net: sctp: ulpqueue.c: delete duplicated word 2020-08-24 16:21:43 -07:00