android_kernel_google_msm/net/ipv6
Hannes Frederic Sowa bceaa90240 inet: prevent leakage of uninitialized memory to user in recv syscalls
Only update *addr_len when we actually fill in sockaddr, otherwise we
can return uninitialized memory from the stack to the caller in the
recvfrom, recvmmsg and recvmsg syscalls. Drop the the (addr_len == NULL)
checks because we only get called with a valid addr_len pointer either
from sock_common_recvmsg or inet_recvmsg.

If a blocking read waits on a socket which is concurrently shut down we
now return zero and set msg_msgnamelen to 0.

Reported-by: mpb <mpb.mail@gmail.com>
Suggested-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-18 15:12:03 -05:00
..
netfilter netfilter: push reasm skb through instead of original frag skbs 2013-11-11 00:19:35 -05:00
addrconf.c sit/gre6: don't try to add the same route two times 2013-11-14 16:59:16 -05:00
addrconf_core.c ipv6: move in6_dev_finish_destroy() into core kernel 2013-08-31 22:30:00 -04:00
addrlabel.c ipv6: fix null pointer dereference in __ip6addrlbl_add 2013-09-04 14:14:53 -04:00
af_inet6.c tcp_memcontrol: Remove the per netns control. 2013-10-21 18:43:02 -04:00
ah6.c ipsec: Don't update the pmtu on ICMPV6_DEST_UNREACH 2013-09-16 09:45:32 +02:00
anycast.c
datagram.c ipv6: make lookups simpler and faster 2013-10-09 00:01:25 -04:00
esp6.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2013-11-02 02:13:48 -04:00
exthdrs.c ipv6/exthdrs: accept tlv which includes only padding 2013-09-11 15:52:27 -04:00
exthdrs_core.c
exthdrs_offload.c
fib6_rules.c fib6_rules: fix indentation 2013-09-11 16:16:29 -04:00
icmp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-09-05 14:58:52 -04:00
inet6_connection_sock.c inet: rename ir_loc_port to ir_num 2013-10-10 14:37:35 -04:00
inet6_hashtables.c inet: convert inet_ehash_secret and ipv6_hash_secret to net_get_random_once 2013-10-19 19:45:35 -04:00
ip6_checksum.c
ip6_fib.c ipv6: compare sernum when walking fib for /proc/net/ipv6_route as safety net 2013-09-27 17:32:17 -04:00
ip6_flowlabel.c ipv6: protect for_each_sk_fl_rcu in mem_check with rcu_read_lock_bh 2013-11-11 01:25:28 -05:00
ip6_gre.c ipv6: Initialize ip6_tnl.hlen in gre tunnel even if no route is found 2013-10-11 17:50:59 -04:00
ip6_icmp.c
ip6_input.c net: add SNMP counters tracking incoming ECN bits 2013-08-08 22:24:59 -07:00
ip6_offload.c ipv6: sit: add GSO/TSO support 2013-10-21 18:49:39 -04:00
ip6_offload.h
ip6_output.c ip6_output: fragment outgoing reassembled skb properly 2013-11-11 00:19:35 -05:00
ip6_tunnel.c ip6tnl: fix use after free of fb_tnl_dev 2013-11-14 17:04:38 -05:00
ip6_vti.c ipv6: Add support for IPsec virtual tunnel interfaces 2013-10-10 12:00:01 +02:00
ip6mr.c tunnels: harmonize cleanup done on skb on rx path 2013-09-04 00:27:26 -04:00
ipcomp6.c ipsec: Don't update the pmtu on ICMPV6_DEST_UNREACH 2013-09-16 09:45:32 +02:00
ipv6_sockglue.c ipv6: enable IPV6_FLOWLABEL_MGR for getsockopt 2013-11-08 13:42:57 -05:00
Kconfig ipv6: Remove privacy config option. 2013-10-28 20:07:50 -04:00
Makefile ipv6: Add support for IPsec virtual tunnel interfaces 2013-10-10 12:00:01 +02:00
mcast.c ipv6 mcast: use in6_dev_put in timer handlers instead of __in6_dev_put 2013-09-30 22:28:58 -07:00
mip6.c
ndisc.c net: ipv6: ndisc: Fix warning when CONFIG_SYSCTL=n 2013-11-18 14:49:16 -05:00
netfilter.c
output_core.c ipv6: move ip6_local_out into core kernel 2013-08-31 22:30:00 -04:00
ping.c ipv6: make lookups simpler and faster 2013-10-09 00:01:25 -04:00
proc.c net: add SNMP counters tracking incoming ECN bits 2013-08-08 22:24:59 -07:00
protocol.c
raw.c inet: prevent leakage of uninitialized memory to user in recv syscalls 2013-11-18 15:12:03 -05:00
reassembly.c ipv6: split inet6_hash_frag for netfilter and initialize secrets with net_get_random_once 2013-10-23 17:01:40 -04:00
route.c ipv6: use rt6_get_dflt_router to get default router in rt6_route_rcv 2013-11-08 15:16:04 -05:00
sit.c sit: fix use after free of fb_tunnel_dev 2013-11-14 16:42:17 -05:00
syncookies.c inet: split syncookie keys for ipv4 and ipv6 and initialize with net_get_random_once 2013-10-19 19:45:35 -04:00
sysctl_net_ipv6.c
tcp_ipv6.c tcp_memcontrol: Remove the per netns control. 2013-10-21 18:43:02 -04:00
tcpv6_offload.c tcp: rename tcp_tso_segment() 2013-10-18 13:38:39 -04:00
tunnel6.c
udp.c inet: prevent leakage of uninitialized memory to user in recv syscalls 2013-11-18 15:12:03 -05:00
udp_impl.h net: ipv4/ipv6: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
udp_offload.c ipv6: fix headroom calculation in udp6_ufo_fragment 2013-11-05 22:09:53 -05:00
udplite.c
xfrm6_input.c
xfrm6_mode_beet.c
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c ipv6: Add a receive path hook for vti6 in xfrm6_mode_tunnel. 2013-10-09 13:16:36 +02:00
xfrm6_output.c xfrm: revert ipv4 mtu determination to dst_mtu 2013-08-26 12:40:53 +02:00
xfrm6_policy.c xfrm: Fix null pointer dereference when decoding sessions 2013-11-01 07:08:46 +01:00
xfrm6_state.c xfrm: make local error reporting more robust 2013-08-14 13:07:12 +02:00
xfrm6_tunnel.c