| author | Thierry Strudel <tstrudel@google.com> | 2018-01-26 16:18:09 -0800 |
|---|---|---|
| committer | Oleg Matcovschi <omatcovschi@google.com> | 2018-03-13 19:47:41 -0700 |
| commit | a604f6225b71e013d3b4938982b9a2e54540df54 (patch) | |
| tree | 357ed4d388955af0bb0fbcc84ddd23bd61b652f2 /net/unix/sysctl_net_unix.c | |
| parent | 0ef537ba61aba47f4f3535c3dd26d65d764c9b58 (diff) | |
BACKPORT: USB: core: harden cdc_parse_cdc_header

Andrey Konovalov reported a possible out-of-bounds problem for the
cdc_parse_cdc_header function. He writes:

  It looks like cdc_parse_cdc_header() doesn't validate buflen
  before accessing buffer[1], buffer[2] and so on. The only check
  present is while (buflen > 0).

So fix this issue up by properly validating the buffer length matches
what the descriptor says it is.

Reported-by: Andrey Konovalov <andreyknvl@google.com>
Tested-by: Andrey Konovalov <andreyknvl@google.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
From-Commit: 2e1c42391ff2556387b3cb6308b24f6f65619feb
Bug: 69052594
Signed-off-by: Thierry Strudel <tstrudel@google.com>

Diffstat (limited to 'net/unix/sysctl_net_unix.c')
0 files changed, 0 insertions, 0 deletions
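
The length validation the commit message describes, as a stand-alone C example added here; it is not the kernel's cdc_parse_cdc_header() and not the patch itself. The function name `count_cs_descriptors`, the 3-byte minimum (enough to read indexes 0 to 2) and the sample buffers are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CS_INTERFACE 0x24 /* USB class-specific interface descriptor type */

/*
 * Hypothetical helper (not the kernel function): walk a buffer of
 * descriptors laid out as bLength, bDescriptorType, bDescriptorSubType, ...
 * Returns the number of CS_INTERFACE descriptors seen, or -1 if any
 * descriptor's stated length does not fit the bytes that remain.
 */
int count_cs_descriptors(const uint8_t *buf, size_t buflen)
{
    int found = 0;

    while (buflen > 0) {
        size_t elen = buf[0];       /* readable: buflen >= 1 here */

        /* The descriptor must cover indexes 0..2 and must not run past
         * the end. elen < 3 also rejects 0, which would never advance. */
        if (elen < 3 || elen > buflen)
            return -1;

        /* buf[1] and buf[2] are now known to be inside the buffer. */
        if (buf[1] == CS_INTERFACE)
            found++;

        buf += elen;
        buflen -= elen;
    }
    return found;
}

/* Constructed sample inputs, not captured from a real device. */
static const uint8_t sample_ok[] = {
    0x05, 0x24, 0x00, 0x10, 0x01,   /* 5-byte descriptor */
    0x04, 0x24, 0x02, 0x02,         /* 4-byte descriptor */
};
static const uint8_t sample_short[] = {
    0x05, 0x24, 0x00, 0x10, 0x01,
    0x04, 0x24,                     /* claims 4 bytes, only 2 present */
};

int main(void)
{
    printf("ok: %d\n", count_cs_descriptors(sample_ok, sizeof sample_ok));
    printf("short: %d\n", count_cs_descriptors(sample_short, sizeof sample_short));
    return 0;
}
```

With only the `while (buflen > 0)` check, the second descriptor in `sample_short` would be read past the end of the buffer; the added comparison against `buflen` rejects it instead.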
