diff options
author | Hannes Frederic Sowa <hannes@stressinduktion.org> | 2012-12-15 16:42:19 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-12-18 05:50:51 +0100 |
commit | 4e4b53768f1ddce38b7f6edcad3a063020ef0024 (patch) | |
tree | 2b65ca48277f2600771a56640365ecadd0cbf5e4 | |
parent | netlink: change presentation of portid in procfs to unsigned (diff) | |
download | linux-4e4b53768f1ddce38b7f6edcad3a063020ef0024.tar.xz linux-4e4b53768f1ddce38b7f6edcad3a063020ef0024.zip |
netlink: validate addr_len on bind
Otherwise an out of bounds read could happen.
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/netlink/af_netlink.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 9ee52b6a12dd..c0353d55d56f 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -669,6 +669,9 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, struct sockaddr_nl *nladdr = (struct sockaddr_nl *)addr; int err; + if (addr_len < sizeof(struct sockaddr_nl)) + return -EINVAL; + if (nladdr->nl_family != AF_NETLINK) return -EINVAL; |