projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
x25: Prevent skb overreads when checking call user data
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / x25 / af_x25.c
diff --git a/net/x25/af_x25.c b/net/x25/af_x25.c
index aa567b09ea9aef1e148fcfe18b6d7aef6a51807c..5f03e4ea65bff5f137aebe122f843fb7e5c6a4ca 100644 (file)
--- a/net/x25/af_x25.c
+++ b/net/x25/af_x25.c
@@ -295,7 +295,8 @@ static struct sock *x25_find_listener(struct x25_address *addr,
                         * Found a listening socket, now check the incoming
                         * call user data vs this sockets call user data
                         */
-                       if(skb->len > 0 && x25_sk(s)->cudmatchlength > 0) {
+                       if (x25_sk(s)->cudmatchlength > 0 &&
+                               skb->len >= x25_sk(s)->cudmatchlength) {
                                if((memcmp(x25_sk(s)->calluserdata.cuddata,
                                        skb->data,
                                        x25_sk(s)->cudmatchlength)) == 0) {
kernel source for telekom puls (alcatel/mediatek)