git.karo-electronics.de Git - linux-beck.git/commit

author	Eric Dumazet <edumazet@google.com>
	Fri, 3 Feb 2017 08:03:26 +0000 (00:03 -0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 18 Feb 2017 14:11:41 +0000 (15:11 +0100)
commit	66cdd4347573027f95b4c7b50a7b20079ce66919
tree	1ef92639c7f48fdb4bf9a7e51477a0e252ab4b25	tree \| snapshot
parent	f5b54446630a973e1f27b68599366bbd0ac53066	commit \| diff

netlabel: out of bound access in cipso_v4_validate()

[ Upstream commit d71b7896886345c53ef1d84bda2bc758554f5d61 ]

syzkaller found another out of bound access in ip_options_compile(),
or more exactly in cipso_v4_validate()

Fixes: 20e2a8648596 ("cipso: handle CIPSO options correctly when NetLabel is disabled")
Fixes: 446fda4f2682 ("[NetLabel]: CIPSOv4 engine")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Cc: Paul Moore <paul@paul-moore.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

include/net/cipso_ipv4.h		diff \| blob \| history
net/ipv4/cipso_ipv4.c		diff \| blob \| history