linux/net
Patrick McHardy e3b802ba88 netfilter: nf_conntrack_irc: make sure string is terminated before calling simple_strtoul
Alexey Dobriyan points out:

1. simple_strtoul() silently accepts all characters for given base even
   if result won't fit into unsigned long. This is amazing stupidity in
   itself, but

2. nf_conntrack_irc helper use simple_strtoul() for DCC request parsing.
   Data first copied into 64KB buffer, so theoretically nothing prevents
   reading past the end of it, since data comes from network given 1).

This is not actually a problem currently since we're guaranteed to have
a 0 byte in skb_shared_info or in the buffer the data is copied to, but
to make this more robust, make sure the string is actually terminated.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-09-07 18:21:24 -07:00
..
9p flag parameters: socket and socketpair 2008-07-24 10:47:27 -07:00
802 list_for_each_rcu must die: networking 2008-07-25 10:53:27 -07:00
8021q netdev: Handle ->addr_list_lock just like ->_xmit_lock for lockdep. 2008-07-22 14:16:42 -07:00
appletalk net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
atm atm: fix const assignment/discard warnings in the ATM networking driver 2008-07-30 16:31:46 -07:00
ax25 AX.25: Fix sysctl registration if !CONFIG_AX25_DAMA_SLAVE 2008-08-05 18:46:57 -07:00
bluetooth [Bluetooth] Consolidate maintainers information 2008-08-18 13:23:53 +02:00
bridge bridge: show offload settings 2008-08-15 19:51:07 -07:00
can netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
core pkt_sched: Prevent livelock in TX queue running. 2008-08-19 04:00:36 -07:00
dccp dccp: Fix panic caused by too early termination of retransmission mechanism 2008-08-18 21:14:20 -07:00
decnet netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
econet netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
ethernet [NET]: Return more appropriate error from eth_validate_addr(). 2008-04-13 22:45:40 -07:00
ieee80211 wext: Emit event stream entries correctly when compat. 2008-06-16 18:50:49 -07:00
ipv4 ipv: Re-enable IP when MTU > 68 2008-09-02 17:28:58 -07:00
ipv6 ipv6: When we droped a packet, we should return NET_RX_DROP instead of 0 2008-08-29 14:27:51 -07:00
ipx netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
irda Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-07-20 17:43:29 -07:00
iucv Merge branch 'linus' into cpus4096-for-linus 2008-07-21 17:19:50 +02:00
key net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
lapb [LAPB] net/lapb/lapb_iface.c: use LIST_HEAD instead of LIST_HEAD_INIT 2008-01-28 14:56:52 -08:00
llc netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
mac80211 mac80211: Fix debugfs union misuse and pointer corruption 2008-09-02 17:39:50 -04:00
netfilter netfilter: nf_conntrack_irc: make sure string is terminated before calling simple_strtoul 2008-09-07 18:21:24 -07:00
netlabel netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
netlink net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
netrom netdev: Handle ->addr_list_lock just like ->_xmit_lock for lockdep. 2008-07-22 14:16:42 -07:00
packet net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
rfkill net: rfkill: add missing line break 2008-08-26 20:06:31 -04:00
rose netdev: Handle ->addr_list_lock just like ->_xmit_lock for lockdep. 2008-07-22 14:16:42 -07:00
rxrpc net/rxrpc: Use an IS_ERR test rather than a NULL test 2008-08-13 02:40:48 -07:00
sched pkt_sched: Fix locking of qdisc_root with qdisc_root_sleeping_lock() 2008-08-29 14:27:52 -07:00
sctp sctp: fix random memory dereference with SCTP_HMAC_IDENT option. 2008-08-27 16:09:49 -07:00
sunrpc Merge branch 'linus' into cpus4096 2008-07-28 21:14:43 +02:00
tipc tipc: Don't use structure names which easily globally conflict. 2008-09-02 23:38:32 -07:00
unix Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2008-07-26 20:23:44 -07:00
wanrouter wanmain.c doesn't need syncppp.h 2008-07-23 23:00:36 +02:00
wireless net/wireless/Kconfig: clarify the description for CONFIG_WIRELESS_EXT_SYSFS 2008-09-02 15:03:19 -04:00
x25 netns: Use net_eq() to compare net-namespaces for optimization. 2008-07-19 22:34:43 -07:00
xfrm ipsec: Fix deadlock in xfrm_state management. 2008-09-02 20:14:15 -07:00
compat.c flag parameters: paccept 2008-07-24 10:47:27 -07:00
Kconfig net: Make "networking" one-click deselectable. 2008-07-30 03:27:53 -07:00
Makefile vlan: uninline __vlan_hwaccel_rx 2008-07-08 03:23:36 -07:00
nonet.c
socket.c SL*B: drop kmem cache argument from constructor 2008-07-26 12:00:07 -07:00
sysctl_net.c missing bits of net-namespace / sysctl 2008-07-27 09:45:34 -07:00
TUNABLE