net/sctp · 7ba1ba12eeef0aa7113beb16410ef8b7c748e18b · matisse / android_kernel_samsung_matisse

sctp: Make sure N * sizeof(union sctp_addr) does not overflow.

David S. Miller authored 16 years ago


As noticed by Gabriel Campana, the kmalloc() length arg
passed in by sctp_getsockopt_local_addrs_old() can overflow
if ->addr_num is large enough.

Therefore, enforce an appropriate limit.
Signed-off-by: David S. Miller <davem@davemloft.net>

735ce972

Name	Last commit	Last update
..
Kconfig
Makefile
associola.c
auth.c
bind_addr.c
chunk.c
command.c
debug.c
endpointola.c
input.c
inqueue.c
ipv6.c
objcnt.c
output.c
outqueue.c
primitive.c
proc.c
protocol.c
sm_make_chunk.c
sm_sideeffect.c
sm_statefuns.c
sm_statetable.c
socket.c
ssnmap.c
sysctl.c
transport.c
tsnmap.c
ulpevent.c
ulpqueue.c

Download source code

Download this directory