git.stricted.de - GitHub/LineageOS/G12/android_kernel_amlogic

projects / GitHub / LineageOS / G12 / android_kernel_amlogic_linux-4.9.git / commit

author	Xi Wang <xi.wang@gmail.com>
	Tue, 22 Nov 2011 15:55:30 +0000 (15:55 +0000)
committer	David S. Miller <davem@davemloft.net>
	Tue, 29 Nov 2011 05:31:45 +0000 (00:31 -0500)
commit	a5e5c37434eb182cf50cec90d9736d9a9a390116
tree	8b31067a05b221efa900bb333aa58c7fbaffc854	tree \| snapshot (tar.gz zip)
parent	2a38e6d5aed24bb7f0211e0819fac8c32c2b5791	commit \| diff

sctp: integer overflow in sctp_auth_create_key()

The previous commit 30c2235c is incomplete and cannot prevent integer
overflows. For example, when key_len is 0x80000000 (INT_MAX + 1), the
left-hand side of the check, (INT_MAX - key_len), which is unsigned,
becomes 0xffffffff (UINT_MAX) and bypasses the check.

Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

RSS Atom