| Message ID | 20200401161534.360943180@linuxfoundation.org |
|---|---|
| State | New |
| Headers | show
Return-Path: <SRS0=zuZT=5R=vger.kernel.org=stable-owner@kernel.org> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7268EC2D0F0 for <stable@archiver.kernel.org>; Wed, 1 Apr 2020 16:33:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 2F23D21582 for <stable@archiver.kernel.org>; Wed, 1 Apr 2020 16:33:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1585758835; bh=tmjogg9yI+Opax21DufBCCunzR9HJWzo5dAUBKQVx3A=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=rjwFPRFRwZ2RB1EtC0bAqJBBNga9Y3xcxknpdb9H19n9Vl2P+JkDH3suXp2GSP/9v TQUo+FfpSFncLbJBaTdQR4fukBB2BqnEb2H+qqG/hqYl/208kI4fWtD73umgMje0cf 4/EZvHZJziM16gn3TRtvtaYAl62mDVgeHk/Ytp/4= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387862AbgDAQdy (ORCPT <rfc822;stable@archiver.kernel.org>); Wed, 1 Apr 2020 12:33:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:60482 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388595AbgDAQdx (ORCPT <rfc822;stable@vger.kernel.org>); Wed, 1 Apr 2020 12:33:53 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 46515214D8; Wed, 1 Apr 2020 16:33:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1585758832; bh=tmjogg9yI+Opax21DufBCCunzR9HJWzo5dAUBKQVx3A=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MG0ocWR7Mm9WCIWajE7sug4Mu/d+Vo4lkZZyIaoqU5IqWrE0u0KMRl+WPkup3sxNY HUROa/ZHErGOi5LVPIK3jlOGFGbwCXS3MBYIwmyyONz9w33fS5lhOo2By+YCyRAVx8 T+q+WJ7PPX4K2juoL0aiuUYrV/O7B7/YOVkr+Hlw= From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, stable@vger.kernel.org, Xin Long <lucien.xin@gmail.com>, Steffen Klassert <steffen.klassert@secunet.com> Subject: [PATCH 4.4 62/91] xfrm: fix uctx len check in verify_sec_ctx_len Date: Wed, 1 Apr 2020 18:17:58 +0200 Message-Id: <20200401161534.360943180@linuxfoundation.org> X-Mailer: git-send-email 2.26.0 In-Reply-To: <20200401161512.917494101@linuxfoundation.org> References: <20200401161512.917494101@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: <stable.vger.kernel.org> X-Mailing-List: stable@vger.kernel.org |
| Series |
None
|
expand
|
--- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -109,7 +109,8 @@ static inline int verify_sec_ctx_len(str return 0; uctx = nla_data(rt); - if (uctx->len != (sizeof(struct xfrm_user_sec_ctx) + uctx->ctx_len)) + if (uctx->len > nla_len(rt) || + uctx->len != (sizeof(struct xfrm_user_sec_ctx) + uctx->ctx_len)) return -EINVAL; return 0;