ipv6: dccp: fix out of bound access in dccp_v6_err()
author: Eric Dumazet <edumazet@google.com>
Thu, 3 Nov 2016 03:30:48 +0000 (20:30 -0700)
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 21 Nov 2016 09:06:39 +0000 (10:06 +0100)
commit: 99131760a8851e6e5b2c9b24d0a68a3068923a08
tree: d2591d6dab53ff75bcbac0b1511de4f6ac88054b
parent: a2df29ed840f90e459a3f8ff029b216be3912731
ipv6: dccp: fix out of bound access in dccp_v6_err()

[ Upstream commit 1aa9d1a0e7eefcc61696e147d123453fc0016005 ]

dccp_v6_err() does not use pskb_may_pull() and might access garbage.

We only need 4 bytes at the beginning of the DCCP header, like TCP,
so the 8 bytes pulled in icmpv6_notify() are more than enough.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/dccp/ipv6.c
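
The bounds reasoning in the commit message, as an added userspace example (not the kernel patch and not code from this commit): an ICMPv6 error handler may only read the bytes of the embedded transport header that are known to be present, and the two DCCP ports fit in the first 4 of the 8 bytes the message says icmpv6_notify() pulls. The names `dccp_ports`, `dccp_err_ports` and `ICMP_PULLED_BYTES` are hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bytes of the embedded transport header that, per the commit message,
 * icmpv6_notify() has already pulled before the protocol handler runs. */
#define ICMP_PULLED_BYTES 8

/* Hypothetical model of the start of a DCCP header (RFC 4340):
 * source port, then destination port, 2 bytes each, network order. */
struct dccp_ports {
    uint16_t sport;
    uint16_t dport;
};

/* Compile-time check that the ports lie inside the guaranteed bytes. */
_Static_assert(sizeof(struct dccp_ports) <= ICMP_PULLED_BYTES,
               "ports must fit in the bytes pulled by the caller");

/* Read the ports at buf[offset..offset+3] only if they are inside len.
 * Returns 0 on success, -1 if the read would go out of bounds. */
int dccp_err_ports(const uint8_t *buf, size_t len, size_t offset,
                   struct dccp_ports *out)
{
    /* Written as a subtraction so offset + 4 cannot wrap around. */
    if (offset > len || len - offset < sizeof(struct dccp_ports))
        return -1;
    out->sport = (uint16_t)(buf[offset] << 8 | buf[offset + 1]);
    out->dport = (uint16_t)(buf[offset + 2] << 8 | buf[offset + 3]);
    return 0;
}

int main(void)
{
    /* Constructed sample: 40-byte inner IPv6 header (zeroed) followed by
     * the first 8 bytes of a DCCP header, as quoted in an ICMPv6 error. */
    uint8_t pkt[40 + ICMP_PULLED_BYTES] = {0};
    struct dccp_ports p;

    pkt[40] = 0x13; pkt[41] = 0x89;   /* source port 5001 */
    pkt[42] = 0x00; pkt[43] = 0x50;   /* destination port 80 */

    if (dccp_err_ports(pkt, sizeof(pkt), 40, &p) == 0)
        printf("sport=%u dport=%u\n", (unsigned)p.sport, (unsigned)p.dport);
    if (dccp_err_ports(pkt, 42, 40, &p) != 0)   /* quote cut after 2 bytes */
        printf("truncated quote rejected\n");
    return 0;
}
```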