Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net
History
Dan Carpenter d86129c5c0 rds: fix an integer overflow test in rds_info_getsockopt() 
commit 468b732b6f76b138c0926eadf38ac88467dcd271 upstream.

"len" is a signed integer.  We check that len is not negative, so it
goes from zero to INT_MAX.  PAGE_SIZE is unsigned long so the comparison
is type promoted to unsigned long.  ULONG_MAX - 4095 is a higher than
INT_MAX so the condition can never be true.

I don't know if this is harmful but it seems safe to limit "len" to
INT_MAX - 4095.

Fixes: a8c879a7ee ('RDS: Info and stats')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Zefan Li <lizefan@huawei.com>
2016-03-21 09:17:50 +08:00
..
9p 9p: forgetting to cancel request on interrupted zero-copy RPC 2015-10-22 09:20:07 +08:00
802
8021q 8021q: fix a potential memory leak 2014-07-28 07:06:45 -07:00
appletalk appletalk: Fix socket referencing in skb 2014-07-28 07:06:45 -07:00
atm
ax25
batman-adv
bluetooth Bluetooth: Fix invalid length check in l2cap_information_rsp() 2015-04-14 17:34:02 +08:00
bridge bridge: multicast: restore router configuration on port link down/up 2015-10-22 09:20:06 +08:00
caif caif: remove wrong dev_net_set() call 2015-04-14 17:33:59 +08:00
can can: add missing initialisations in CAN related skbuffs 2015-06-19 11:40:23 +08:00
ceph crush: fix a bug in tree bucket decode 2015-10-22 09:20:07 +08:00
core net: Clone skb before setting peeked flag 2016-03-21 09:17:45 +08:00
dcb
dccp
decnet
dns_resolver dns_resolver: Null-terminate the right string 2014-07-28 07:06:46 -07:00
dsa
econet
ethernet
ieee802154
ipv4 inet: frags: fix defragmented packet's IP header for af_packet 2016-03-21 09:17:46 +08:00
ipv6 udp: fix behavior of wrong checksums 2015-09-18 09:20:47 +08:00
ipx
irda net: irda: fix wait_until_sent poll timeout 2015-06-19 11:40:22 +08:00
iucv
key
l2tp l2tp: fix race while getting PMTU on PPP pseudo-wire 2014-12-01 18:02:45 +08:00
lapb
llc
mac80211 mac80211: clear subdir_stations when removing debugfs 2016-03-21 09:17:45 +08:00
netfilter netfilter: nf_conntrack: Support expectations in different zones 2016-03-21 09:17:48 +08:00
netlabel
netlink
netrom
nfc
openvswitch net: make skb_gso_segment error handling more robust 2015-06-19 11:40:33 +08:00
packet packet: avoid out of bounds read in round robin fanout 2015-10-22 09:20:05 +08:00
phonet
rds rds: fix an integer overflow test in rds_info_getsockopt() 2016-03-21 09:17:50 +08:00
rfkill
rose NET: ROSE: Don't dereference NULL neighbour pointer. 2015-09-18 09:20:47 +08:00
rxrpc
sched act_mirred: do not drop packets when fails to mirror it 2014-06-07 16:02:00 -07:00
sctp sctp: fix ASCONF list handling 2015-10-22 09:20:04 +08:00
sunrpc SUNRPC: Fix a memory leak in the backchannel code 2015-10-22 09:20:03 +08:00
tipc tipc: clear 'next'-pointer of message fragments before reassembly 2014-07-28 07:06:45 -07:00
unix net: unix: non blocking recvmsg() should not return -EINTR 2014-04-26 17:13:16 -07:00
wanrouter
wimax
wireless nl80211: ignore HT/VHT capabilities without QoS/WMM 2015-06-19 11:40:28 +08:00
x25
xfrm net: make skb_gso_segment error handling more robust 2015-06-19 11:40:33 +08:00
compat.c net: compat: Update get_compat_msghdr() to match copy_msghdr_from_user() behaviour 2015-04-14 17:34:04 +08:00
Kconfig
Makefile
nonet.c
socket.c net: socket: Fix the wrong returns for recvmsg and sendmsg 2015-09-18 09:20:46 +08:00
sysctl_net.c