android_kernel_samsung_msm8976/lib
Pablo Neira dbd3f730cf netlink: don't compare the nul-termination in nla_strcmp
[ Upstream commit 8b7b932434f5eee495b91a2804f5b64ebb2bc835 ]

nla_strcmp compares the string length plus one, so it's implicitly
including the nul-termination in the comparison.

 int nla_strcmp(const struct nlattr *nla, const char *str)
 {
        int len = strlen(str) + 1;
        ...
                d = memcmp(nla_data(nla), str, len);

However, if NLA_STRING is used, userspace can send us a string without
the nul-termination. This is a problem since the string
comparison will not match as the last byte may be not the
nul-termination.

Fix this by skipping the comparison of the nul-termination if the
attribute data is nul-terminated. Suggested by Thomas Graf.

Cc: Florian Westphal <fw@strlen.de>
Cc: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-14 06:42:18 -07:00
..
lzo lib/lzo: Update LZO compression to current upstream version 2013-02-20 19:36:01 +01:00
mpi lib/mpi/mpicoder.c: looping issue, need stop when equal to zero, found by 'EXTRA_FLAGS=-W'. 2013-06-12 16:29:44 -07:00
raid6
reed_solomon
xz decompressors: fix typo "POWERPC" 2013-03-13 15:21:48 -07:00
zlib_deflate
zlib_inflate
.gitignore
argv_split.c argv_split(): teach it to handle mutable strings 2013-04-29 18:28:19 -07:00
asn1_decoder.c Nothing all that exciting; a new module-from-fd syscall for those who want 2012-12-19 07:55:08 -08:00
atomic64.c lib: atomic64: Initialize locks statically to fix early users 2012-12-20 13:50:16 -08:00
atomic64_test.c
audit.c
average.c
bcd.c
bch.c
bitmap.c
bitrev.c
bsearch.c
btree.c
bug.c taint: add explicit flag to show whether lock dep is still OK. 2013-01-21 17:17:57 +10:30
build_OID_registry
bust_spinlocks.c printk: Provide a wake_up_klogd() off-case 2013-03-22 16:41:20 -07:00
check_signature.c
checksum.c asm-generic headers: Allow yet more arch overrides in checksum.h 2013-02-11 20:00:33 +05:30
clz_tab.c
cmdline.c
cordic.c
cpu-notifier-error-inject.c
cpu_rmap.c lib: cpu_rmap: avoid flushing all workqueues 2013-01-11 14:54:54 -08:00
cpumask.c
crc-ccitt.c
crc-itu-t.c
crc-t10dif.c
crc7.c
crc8.c
crc16.c
crc32.c
crc32defs.h
ctype.c
debug_locks.c
debugobjects.c hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
dec_and_lock.c
decompress.c lib/decompress.c: fix initconst 2013-04-30 17:04:09 -07:00
decompress_bunzip2.c
decompress_inflate.c lib/decompressors: fix "no limit" output buffer length 2014-02-06 11:08:12 -08:00
decompress_unlzma.c
decompress_unlzo.c lib/lzo: Rename lzo1x_decompress.c to lzo1x_decompress_safe.c 2013-02-20 19:36:00 +01:00
decompress_unxz.c
devres.c lib/devres.c: fix misplaced #endif 2013-02-27 19:10:09 -08:00
digsig.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2013-02-21 08:18:12 -08:00
div64.c Revert "math64: New div64_u64_rem helper" 2013-04-30 19:13:05 +02:00
dma-debug.c dma-debug: update DMA debug API to better handle multiple mappings of a buffer 2013-03-22 16:41:20 -07:00
dump_stack.c dump_stack: consolidate dump_stack() implementations and unify their behaviors 2013-04-30 17:04:02 -07:00
dynamic_debug.c dynamic_debug: reuse generic string_unescape function 2013-04-30 17:04:03 -07:00
dynamic_queue_limits.c
earlycpio.c
extable.c
fault-inject.c lib/: rename random32() to prandom_u32() 2013-04-29 18:28:42 -07:00
fdt.c
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
find_last_bit.c
find_next_bit.c
flex_array.c
flex_proportions.c
gcd.c
gen_crc32table.c
genalloc.c lib/genalloc.c: fix overflow of ending address of memory chunk 2013-12-11 22:36:28 -08:00
halfmd4.c
hexdump.c dynamic_debug: dynamic hex dump 2013-01-17 12:19:09 -08:00
hweight.c
idr.c idr: introduce idr_alloc_cyclic() 2013-04-29 18:28:41 -07:00
inflate.c
int_sqrt.c lib/int_sqrt.c: optimize square root algorithm 2013-04-29 18:28:19 -07:00
interval_tree.c
interval_tree_test_main.c random32: rename random32 to prandom 2012-12-17 17:15:26 -08:00
iomap.c
iomap_copy.c
iommu-helper.c
ioremap.c
iovec.c Hoist memcpy_fromiovec/memcpy_toiovec into lib/ 2013-05-20 10:24:22 +09:30
irq_regs.c
is_single_threaded.c
jedec_ddr_data.c
kasprintf.c
Kconfig Move utf16 functions to kernel core and rename 2013-04-15 21:23:03 +01:00
Kconfig.debug lib/Kconfig.debug: Restrict FRAME_POINTER for MIPS 2013-07-28 16:30:12 -07:00
Kconfig.kgdb KGDB/KDB fixes and cleanups 2013-03-02 08:31:39 -08:00
Kconfig.kmemcheck
kfifo.c kfifo: fix kfifo_alloc() and kfifo_init() 2013-02-27 19:10:23 -08:00
klist.c klist: del waiter from klist_remove_waiters before wakeup waitting process 2013-05-21 10:16:39 -07:00
kobject.c kref: minor cleanup 2013-05-07 16:09:00 -07:00
kobject_uevent.c
kstrtox.c
kstrtox.h
lcm.c
libcrc32c.c
list_debug.c
list_sort.c lib/: rename random32() to prandom_u32() 2013-04-29 18:28:42 -07:00
llist.c
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c lockdep: Selftest: convert spinlock to raw spinlock 2013-02-19 08:43:35 +01:00
lru_cache.c lru_cache: introduce lc_get_cumulative() 2013-03-22 22:17:36 -06:00
Makefile x86, hweight: Fix BUG when booting with CONFIG_GCOV_PROFILE_ALL=y 2014-02-20 11:06:11 -08:00
md5.c
memory-notifier-error-inject.c
memweight.c
nlattr.c netlink: don't compare the nul-termination in nla_strcmp 2014-04-14 06:42:18 -07:00
notifier-error-inject.c mode_t, whack-a-mole at 11... 2013-04-09 14:13:05 -04:00
notifier-error-inject.h
of-reconfig-notifier-error-inject.c
oid_registry.c Give the OID registry file module info to avoid kernel tainting 2013-05-05 14:38:00 -07:00
parser.c lib/parser.c: fix up comments for valid return values from match_number 2013-02-21 17:22:25 -08:00
pci_iomap.c
percpu-rwsem.c
percpu_counter.c
plist.c
pm-notifier-error-inject.c
prio_heap.c
proportions.c
radix-tree.c
random32.c random32: fix off-by-one in seeding requirement 2013-12-08 07:29:24 -08:00
ratelimit.c
rational.c
rbtree.c lib/rbtree.c: avoid the use of non-static __always_inline 2013-01-11 14:54:56 -08:00
rbtree_test.c rbtree_test: add __init/__exit annotations 2013-04-30 17:04:07 -07:00
reciprocal_div.c
rwsem-spinlock.c rwsem: simplify __rwsem_do_wake 2013-05-07 07:20:16 -07:00
rwsem.c rwsem: check counter to avoid cmpxchg calls 2013-05-07 16:11:51 -07:00
scatterlist.c lib/scatterlist.c: don't flush_kernel_dcache_page on slab page 2013-11-13 12:05:33 +09:00
sha1.c
show_mem.c mm, show_mem: suppress page counts in non-blockable contexts 2013-04-29 15:54:28 -07:00
smp_processor_id.c
sort.c
spinlock_debug.c
stmp_device.c
string.c
string_helpers.c lib/string_helpers: introduce generic string_unescape 2013-04-30 17:04:03 -07:00
strncpy_from_user.c
strnlen_user.c
swiotlb.c x86, kdump: Set crashkernel_low automatically 2013-04-17 12:35:32 -07:00
syscall.c
test-kstrtox.c
test-string_helpers.c lib/string_helpers: introduce generic string_unescape 2013-04-30 17:04:03 -07:00
textsearch.c
timerqueue.c
ts_bm.c
ts_fsm.c
ts_kmp.c
ucs2_string.c Move utf16 functions to kernel core and rename 2013-04-15 21:23:03 +01:00
usercopy.c Kconfig: consolidate CONFIG_DEBUG_STRICT_USER_COPY_CHECKS 2013-04-30 17:04:09 -07:00
uuid.c uuid: use prandom_bytes() 2013-04-29 18:28:42 -07:00
vsprintf.c vsprintf: check real user/group id for %pK 2013-12-04 10:56:06 -08:00