Blaster4385/linux-IllusionX
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge branch 'getsockopt-parameter-validation'

Browse source 
Gavrilov Ilia says:

====================
fix incorrect parameter validation in the *_get_sockopt() functions

This v2 series fix incorrent parameter validation in *_get_sockopt()
functions in several places.

version 2 changes:
- reword the patch description
- add two patches for net/kcm and net/x25
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2024-03-11 09:53:22 +00:00
commit e996401e06
6 changed files with 13 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
net/ipv4/ipmr.c
View file

@ -1603,9 +1603,11 @@ int ip_mroute_getsockopt(struct sock *sk, int optname, sockptr_t optval,
if (copy_from_sockptr(&olr, optlen, sizeof(int)))
return -EFAULT;
olr = min_t(unsigned int, olr, sizeof(int));
if (olr < 0)
return -EINVAL;
olr = min_t(unsigned int, olr, sizeof(int));
if (copy_to_sockptr(optlen, &olr, sizeof(int)))
return -EFAULT;
if (copy_to_sockptr(optval, &val, olr))

4
net/ipv4/tcp.c
View file

@ -4011,11 +4011,11 @@ int do_tcp_getsockopt(struct sock *sk, int level,
if (copy_from_sockptr(&len, optlen, sizeof(int)))
return -EFAULT;
len = min_t(unsigned int, len, sizeof(int));
if (len < 0)
return -EINVAL;
len = min_t(unsigned int, len, sizeof(int));
switch (optname) {
case TCP_MAXSEG:
val = tp->mss_cache;

4
net/ipv4/udp.c
View file

@ -2791,11 +2791,11 @@ int udp_lib_getsockopt(struct sock *sk, int level, int optname,
if (get_user(len, optlen))
return -EFAULT;
len = min_t(unsigned int, len, sizeof(int));
if (len < 0)
return -EINVAL;
len = min_t(unsigned int, len, sizeof(int));
switch (optname) {
case UDP_CORK:
val = udp_test_bit(CORK, sk);

3
net/kcm/kcmsock.c
View file

@ -1153,10 +1153,11 @@ static int kcm_getsockopt(struct socket *sock, int level, int optname,
if (get_user(len, optlen))
return -EFAULT;
len = min_t(unsigned int, len, sizeof(int));
if (len < 0)
return -EINVAL;
len = min_t(unsigned int, len, sizeof(int));
switch (optname) {
case KCM_RECV_DISABLE:
val = kcm->rx_disabled;

4
net/l2tp/l2tp_ppp.c
View file

@ -1356,11 +1356,11 @@ static int pppol2tp_getsockopt(struct socket *sock, int level, int optname,
if (get_user(len, optlen))
return -EFAULT;
len = min_t(unsigned int, len, sizeof(int));
if (len < 0)
return -EINVAL;
len = min_t(unsigned int, len, sizeof(int));
err = -ENOTCONN;
if (!sk->sk_user_data)
goto end;

4
net/x25/af_x25.c
View file

@ -460,12 +460,12 @@ static int x25_getsockopt(struct socket *sock, int level, int optname,
if (get_user(len, optlen))
goto out;
len = min_t(unsigned int, len, sizeof(int));
rc = -EINVAL;
if (len < 0)
goto out;
len = min_t(unsigned int, len, sizeof(int));
rc = -EFAULT;
if (put_user(len, optlen))
goto out;