ipsec: Fix aborted xfrm policy dump crash - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Herbert Xu <[email protected]>	2017-10-19 20:51:10 +0800
committer	Steffen Klassert <[email protected]>	2017-10-23 09:35:48 +0200
commit	1137b5e2529a8f5ca8ee709288ecba3e68044df2 (patch)
tree	18edcb35fb0f74084d002b560f91fc9deb7a44e8 /tools/perf/scripts/python/stackcollapse.py
parent	10a7ef33679073d13bf1dd05e3f1b7912f999543 (diff)

ipsec: Fix aborted xfrm policy dump crash

An independent security researcher, Mohamed Ghannam, has reported this vulnerability to Beyond Security's SecuriTeam Secure Disclosure program. The xfrm_dump_policy_done function expects xfrm_dump_policy to have been called at least once or it will crash. This can be triggered if a dump fails because the target socket's receive buffer is full. This patch fixes it by using the cb->start mechanism to ensure that the initialisation is always done regardless of the buffer situation. Fixes: 12a169e7d8f4 ("ipsec: Put dumpers on the dump list") Signed-off-by: Herbert Xu <[email protected]> Signed-off-by: Steffen Klassert <[email protected]>

Diffstat (limited to 'tools/perf/scripts/python/stackcollapse.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: