Revision - 5e1f542 - inet_diag: validate port comparison byte code to prevent unsafe reads - origin: https://github.com/torvalds/linux

visit type:

https://github.com/torvalds/linux

05 April 2024, 19:05:47 UTC

Code
Branches (2)
Releases (831)
Visits

Revision 5e1f54201cb481f40a04bc47e1bc8c093a189e23 authored by Neal Cardwell on 09 December 2012, 11:09:54 UTC, committed by David S. Miller on 10 December 2012, 00:00:48 UTC

inet_diag: validate port comparison byte code to prevent unsafe reads

Add logic to verify that a port comparison byte code operation
actually has the second inet_diag_bc_op from which we read the port
for such operations.

Previously the code blindly referenced op[1] without first checking
whether a second inet_diag_bc_op struct could fit there. So a
malicious user could make the kernel read 4 bytes beyond the end of
the bytecode array by claiming to have a whole port comparison byte
code (2 inet_diag_bc_op structs) when in fact the bytecode was not
long enough to hold both.

Signed-off-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 parent f67caec

Files
Changes

Branches
Releases

HEAD
refs/heads/dependabot/pip/drivers/gpu/drm/ci/xfails/pip-23.3
refs/heads/master
5e1f54201cb481f40a04bc47e1bc8c093a189e23

v6.9-rc2
v6.9-rc1
v6.8-rc7
v6.8-rc6
v6.8-rc5
v6.8-rc4
v6.8-rc3
v6.8-rc2
v6.8-rc1
v6.8
v6.7-rc8
v6.7-rc7
v6.7-rc6
v6.7-rc5
v6.7-rc4
v6.7-rc3
v6.7-rc2
v6.7-rc1
v6.7
v6.6-rc7
v6.6-rc6
v6.6-rc5
v6.6-rc4
v6.6-rc3
v6.6-rc2
v6.6-rc1
v6.6
v6.5-rc7
v6.5-rc6
v6.5-rc5
v6.5-rc4
v6.5-rc3
v6.5-rc2
v6.5-rc1
v6.5
v6.4-rc7
v6.4-rc6
v6.4-rc5
v6.4-rc4
v6.4-rc3
v6.4-rc2
v6.4-rc1
v6.4
v6.3-rc7
v6.3-rc6
v6.3-rc5
v6.3-rc4
v6.3-rc3
v6.3-rc2
v6.3-rc1
v6.3
v6.2-rc8
v6.2-rc7
v6.2-rc6
v6.2-rc5
v6.2-rc4
v6.2-rc3
v6.2-rc2
v6.2-rc1
v6.2
v6.1-rc8
v6.1-rc7
v6.1-rc6
v6.1-rc5
v6.1-rc4
v6.1-rc3
v6.1-rc2
v6.1-rc1
v6.1
v6.0-rc7
v6.0-rc6
v6.0-rc5
v6.0-rc4
v6.0-rc3
v6.0-rc2
v6.0-rc1
v6.0
v5.9-rc8
v5.9-rc7
v5.9-rc6
v5.9-rc5
v5.9-rc4
v5.9-rc3
v5.9-rc2
v5.9-rc1
v5.9
v5.8-rc7
v5.8-rc6
v5.8-rc5
v5.8-rc4
v5.8-rc3
v5.8-rc2
v5.8-rc1
v5.8
v5.7-rc7
v5.7-rc6
v5.7-rc5
v5.7-rc4
v5.7-rc3
v5.7-rc2
v5.7-rc1
v5.7
v5.6-rc7
v5.6-rc6
v5.6-rc5
v5.6-rc4
v5.6-rc3
v5.6-rc2
v5.6-rc1
v5.6
v5.5-rc7
v5.5-rc6
v5.5-rc5
v5.5-rc4
v5.5-rc3
v5.5-rc2
v5.5-rc1
v5.5
v5.4-rc8
v5.4-rc7
v5.4-rc6
v5.4-rc5
v5.4-rc4
v5.4-rc3
v5.4-rc2
v5.4-rc1
v5.4
v5.3-rc8
v5.3-rc7
v5.3-rc6
v5.3-rc5
v5.3-rc4
v5.3-rc3
v5.3-rc2
v5.3-rc1
v5.3
v5.2-rc7
v5.2-rc6
v5.2-rc5
v5.2-rc4
v5.2-rc3
v5.2-rc2
v5.2-rc1
v5.2
v5.19-rc8
v5.19-rc7
v5.19-rc6
v5.19-rc5
v5.19-rc4
v5.19-rc3
v5.19-rc2
v5.19-rc1
v5.19
v5.18-rc7
v5.18-rc6
v5.18-rc5
v5.18-rc4
v5.18-rc3
v5.18-rc2
v5.18-rc1
v5.18
v5.17-rc8
v5.17-rc7
v5.17-rc6
v5.17-rc5
v5.17-rc4
v5.17-rc3
v5.17-rc2
v5.17-rc1
v5.17
v5.16-rc8
v5.16-rc7
v5.16-rc6
v5.16-rc5
v5.16-rc4
v5.16-rc3
v5.16-rc2
v5.16-rc1
v5.16
v5.15-rc7
v5.15-rc6
v5.15-rc5
v5.15-rc4
v5.15-rc3
v5.15-rc2
v5.15-rc1
v5.15
v5.14-rc7
v5.14-rc6
v5.14-rc5
v5.14-rc4
v5.14-rc3
v5.14-rc2
v5.14-rc1
v5.14
v5.13-rc7
v5.13-rc6
v5.13-rc5
v5.13-rc4
v5.13-rc3
v5.13-rc2
v5.13-rc1
v5.13
v5.12-rc8
v5.12-rc7
v5.12-rc6
v5.12-rc5
v5.12-rc4
v5.12-rc3
v5.12-rc2
v5.12-rc1
v5.12
v5.11-rc7
v5.11-rc6
v5.11-rc5
v5.11-rc4
v5.11-rc3
v5.11-rc2
v5.11-rc1
v5.11
v5.10-rc7
v5.10-rc6
v5.10-rc5
v5.10-rc4
v5.10-rc3
v5.10-rc2
v5.10-rc1
v5.10
v5.1-rc7
v5.1-rc6
v5.1-rc5
v5.1-rc4
v5.1-rc3
v5.1-rc2
v5.1-rc1
v5.1
v5.0-rc8
v5.0-rc7
v5.0-rc6
v5.0-rc5
v5.0-rc4
v5.0-rc3
v5.0-rc2
v5.0-rc1
v5.0
v4.9-rc8
v4.9-rc7
v4.9-rc6
v4.9-rc5
v4.9-rc4
v4.9-rc3
v4.9-rc2
v4.9-rc1
v4.9
v4.8-rc8
v4.8-rc7
v4.8-rc6
v4.8-rc5
v4.8-rc4
v4.8-rc3
v4.8-rc2
v4.8-rc1
v4.8
v4.7-rc7
v4.7-rc6
v4.7-rc5
v4.7-rc4
v4.7-rc3
v4.7-rc2
v4.7-rc1
v4.7
v4.6-rc7
v4.6-rc6
v4.6-rc5
v4.6-rc4
v4.6-rc3
v4.6-rc2
v4.6-rc1
v4.6
v4.5-rc7
v4.5-rc6
v4.5-rc5
v4.5-rc4
v4.5-rc3
v4.5-rc2
v4.5-rc1
v4.5
v4.4-rc8
v4.4-rc7
v4.4-rc6
v4.4-rc5
v4.4-rc4
v4.4-rc3
v4.4-rc2
v4.4-rc1
v4.4
v4.3-rc7
v4.3-rc6
v4.3-rc5
v4.3-rc4
v4.3-rc3
v4.3-rc2
v4.3-rc1
v4.3
v4.20-rc7
v4.20-rc6
v4.20-rc5
v4.20-rc4
v4.20-rc3
v4.20-rc2
v4.20-rc1
v4.20
v4.2-rc8
v4.2-rc7
v4.2-rc6
v4.2-rc5
v4.2-rc4
v4.2-rc3
v4.2-rc2
v4.2-rc1
v4.2
v4.19-rc8
v4.19-rc7
v4.19-rc6
v4.19-rc5
v4.19-rc4
v4.19-rc3
v4.19-rc2
v4.19-rc1
v4.19
v4.18-rc8
v4.18-rc7
v4.18-rc6
v4.18-rc5
v4.18-rc4
v4.18-rc3
v4.18-rc2
v4.18-rc1
v4.18
v4.17-rc7
v4.17-rc6
v4.17-rc5
v4.17-rc4
v4.17-rc3
v4.17-rc2
v4.17-rc1
v4.17
v4.16-rc7
v4.16-rc6
v4.16-rc5
v4.16-rc4
v4.16-rc3
v4.16-rc2
v4.16-rc1
v4.16
v4.15-rc9
v4.15-rc8
v4.15-rc7
v4.15-rc6
v4.15-rc5
v4.15-rc4
v4.15-rc3
v4.15-rc2
v4.15-rc1
v4.15
v4.14-rc8
v4.14-rc7
v4.14-rc6
v4.14-rc5
v4.14-rc4
v4.14-rc3
v4.14-rc2
v4.14-rc1
v4.14
v4.13-rc7
v4.13-rc6
v4.13-rc5
v4.13-rc4
v4.13-rc3
v4.13-rc2
v4.13-rc1
v4.13
v4.12-rc7
v4.12-rc6
v4.12-rc5
v4.12-rc4
v4.12-rc3
v4.12-rc2
v4.12-rc1
v4.12
v4.11-rc8
v4.11-rc7
v4.11-rc6
v4.11-rc5
v4.11-rc4
v4.11-rc3
v4.11-rc2
v4.11-rc1
v4.11
v4.10-rc8
v4.10-rc7
v4.10-rc6
v4.10-rc5
v4.10-rc4
v4.10-rc3
v4.10-rc2
v4.10-rc1
v4.10
v4.1-rc8
v4.1-rc7
v4.1-rc6
v4.1-rc5
v4.1-rc4
v4.1-rc3
v4.1-rc2
v4.1-rc1
v4.1
v4.0-rc7
v4.0-rc6
v4.0-rc5
v4.0-rc4
v4.0-rc3
v4.0-rc2
v4.0-rc1
v4.0
v3.9-rc8
v3.9-rc7
v3.9-rc6
v3.9-rc5
v3.9-rc4
v3.9-rc3
v3.9-rc2
v3.9-rc1
v3.9
v3.8-rc7
v3.8-rc6
v3.8-rc5
v3.8-rc4
v3.8-rc3
v3.8-rc2
v3.8-rc1
v3.8
v3.7-rc8
v3.7-rc7
v3.7-rc6
v3.7-rc5
v3.7-rc4
v3.7-rc3
v3.7-rc2
v3.7-rc1
v3.7
v3.6-rc7
v3.6-rc6
v3.6-rc5
v3.6-rc4
v3.6-rc3
v3.6-rc2
v3.6-rc1
v3.6
v3.5-rc7
v3.5-rc6
v3.5-rc5
v3.5-rc4
v3.5-rc3
v3.5-rc2
v3.5-rc1
v3.5
v3.4-rc7
v3.4-rc6
v3.4-rc5
v3.4-rc4
v3.4-rc3
v3.4-rc2
v3.4-rc1
v3.4
v3.3-rc7
v3.3-rc6
v3.3-rc5
v3.3-rc4
v3.3-rc3
v3.3-rc2
v3.3-rc1
v3.3
v3.2-rc7
v3.2-rc6
v3.2-rc5
v3.2-rc4
v3.2-rc3
v3.2-rc2
v3.2-rc1
v3.2
v3.19-rc7
v3.19-rc6
v3.19-rc5
v3.19-rc4
v3.19-rc3
v3.19-rc2
v3.19-rc1
v3.19
v3.18-rc7
v3.18-rc6
v3.18-rc5
v3.18-rc4
v3.18-rc3
v3.18-rc2
v3.18-rc1
v3.18
v3.17-rc7
v3.17-rc6
v3.17-rc5
v3.17-rc4
v3.17-rc3
v3.17-rc2
v3.17-rc1
v3.17
v3.16-rc7
v3.16-rc6
v3.16-rc5
v3.16-rc4
v3.16-rc3
v3.16-rc2
v3.16-rc1
v3.16
v3.15-rc8
v3.15-rc7
v3.15-rc6
v3.15-rc5
v3.15-rc4
v3.15-rc3
v3.15-rc2
v3.15-rc1
v3.15
v3.14-rc8
v3.14-rc7
v3.14-rc6
v3.14-rc5
v3.14-rc4
v3.14-rc3
v3.14-rc2
v3.14-rc1
v3.14
v3.13-rc8
v3.13-rc7
v3.13-rc6
v3.13-rc5
v3.13-rc4
v3.13-rc3
v3.13-rc2
v3.13-rc1
v3.13
v3.12-rc7
v3.12-rc6
v3.12-rc5
v3.12-rc4
v3.12-rc3
v3.12-rc2
v3.12-rc1
v3.12
v3.11-rc7
v3.11-rc6
v3.11-rc5
v3.11-rc4
v3.11-rc3
v3.11-rc2
v3.11-rc1
v3.11
v3.10-rc7
v3.10-rc6
v3.10-rc5
v3.10-rc4
v3.10-rc3
v3.10-rc2
v3.10-rc1
v3.10
v3.1-rc9
v3.1-rc8
v3.1-rc7
v3.1-rc6
v3.1-rc5
v3.1-rc4
v3.1-rc3
v3.1-rc2
v3.1-rc10
v3.1-rc1
v3.1
v3.0-rc7
v3.0-rc6
v3.0-rc5
v3.0-rc4
v3.0-rc3
v3.0-rc2
v3.0-rc1
v3.0
v2.6.39-rc7
v2.6.39-rc6
v2.6.39-rc5
v2.6.39-rc4
v2.6.39-rc3
v2.6.39-rc2
v2.6.39-rc1
v2.6.39
v2.6.38-rc8
v2.6.38-rc7
v2.6.38-rc6
v2.6.38-rc5
v2.6.38-rc4
v2.6.38-rc3
v2.6.38-rc2
v2.6.38-rc1
v2.6.38
v2.6.37-rc8
v2.6.37-rc7
v2.6.37-rc6
v2.6.37-rc5
v2.6.37-rc4
v2.6.37-rc3
v2.6.37-rc2
v2.6.37-rc1
v2.6.37
v2.6.36-rc8
v2.6.36-rc7
v2.6.36-rc6
v2.6.36-rc5
v2.6.36-rc4
v2.6.36-rc3
v2.6.36-rc2
v2.6.36-rc1
v2.6.36
v2.6.35-rc6
v2.6.35-rc5
v2.6.35-rc4
v2.6.35-rc3
v2.6.35-rc2
v2.6.35-rc1
v2.6.35
v2.6.34-rc7
v2.6.34-rc6
v2.6.34-rc5
v2.6.34-rc4
v2.6.34-rc3
v2.6.34-rc2
v2.6.34-rc1
v2.6.34
v2.6.33-rc8
v2.6.33-rc7
v2.6.33-rc6
v2.6.33-rc5
v2.6.33-rc4
v2.6.33-rc3
v2.6.33-rc2
v2.6.33-rc1
v2.6.33
v2.6.32-rc8
v2.6.32-rc7
v2.6.32-rc6
v2.6.32-rc5
v2.6.32-rc4
v2.6.32-rc3
v2.6.32-rc1
v2.6.32
v2.6.31-rc9
v2.6.31-rc8
v2.6.31-rc7
v2.6.31-rc6
v2.6.31-rc5
v2.6.31-rc4
v2.6.31-rc3
v2.6.31-rc2
v2.6.31-rc1
v2.6.31
v2.6.30-rc8
v2.6.30-rc7
v2.6.30-rc6
v2.6.30-rc5
v2.6.30-rc4
v2.6.30-rc3
v2.6.30-rc2
v2.6.30-rc1
v2.6.30
v2.6.29-rc8
v2.6.29-rc7
v2.6.29-rc6
v2.6.29-rc5
v2.6.29-rc4
v2.6.29-rc3
v2.6.29-rc2
v2.6.29-rc1
v2.6.29
v2.6.28-rc9
v2.6.28-rc8
v2.6.28-rc7
v2.6.28-rc6
v2.6.28-rc5
v2.6.28-rc4
v2.6.28-rc3
v2.6.28-rc2
v2.6.28-rc1
v2.6.28
v2.6.27-rc9
v2.6.27-rc8
v2.6.27-rc7
v2.6.27-rc6
v2.6.27-rc5
v2.6.27-rc4
v2.6.27-rc3
v2.6.27-rc2
v2.6.27-rc1
v2.6.27
v2.6.26-rc9
v2.6.26-rc8
v2.6.26-rc7
v2.6.26-rc6
v2.6.26-rc5
v2.6.26-rc4
v2.6.26-rc3
v2.6.26-rc2
v2.6.26-rc1
v2.6.26
v2.6.25-rc9
v2.6.25-rc8
v2.6.25-rc7
v2.6.25-rc6
v2.6.25-rc5
v2.6.25-rc4
v2.6.25-rc3
v2.6.25-rc2
v2.6.25-rc1
v2.6.25
v2.6.24-rc8
v2.6.24-rc7
v2.6.24-rc6
v2.6.24-rc5
v2.6.24-rc4
v2.6.24-rc3
v2.6.24-rc2
v2.6.24-rc1
v2.6.24
v2.6.23-rc9
v2.6.23-rc8
v2.6.23-rc7
v2.6.23-rc6
v2.6.23-rc5
v2.6.23-rc4
v2.6.23-rc3
v2.6.23-rc2
v2.6.23-rc1
v2.6.23
v2.6.22-rc7
v2.6.22-rc6
v2.6.22-rc5
v2.6.22-rc4
v2.6.22-rc3
v2.6.22-rc2
v2.6.22-rc1
v2.6.22
v2.6.21-rc7
v2.6.21-rc6
v2.6.21-rc5
v2.6.21-rc4
v2.6.21-rc3
v2.6.21-rc2
v2.6.21-rc1
v2.6.21
v2.6.20-rc7
v2.6.20-rc6
v2.6.20-rc5
v2.6.20-rc4
v2.6.20-rc3
v2.6.20-rc2
v2.6.20-rc1
v2.6.20
v2.6.19-rc6
v2.6.19-rc5
v2.6.19-rc4
v2.6.19-rc3
v2.6.19-rc2
v2.6.19-rc1
v2.6.19
v2.6.18-rc7
v2.6.18-rc6
v2.6.18-rc5
v2.6.18-rc4
v2.6.18-rc3
v2.6.18-rc2
v2.6.18-rc1
v2.6.18
v2.6.17-rc6
v2.6.17-rc5
v2.6.17-rc4
v2.6.17-rc3
v2.6.17-rc2
v2.6.17-rc1
v2.6.17
v2.6.16-rc6
v2.6.16-rc5
v2.6.16-rc4
v2.6.16-rc3
v2.6.16-rc2
v2.6.16-rc1
v2.6.16
v2.6.15-rc7
v2.6.15-rc6
v2.6.15-rc5
v2.6.15-rc4
v2.6.15-rc3
v2.6.15-rc2
v2.6.15-rc1
v2.6.15
v2.6.14-rc5
v2.6.14-rc4
v2.6.14-rc3
v2.6.14-rc2
v2.6.14-rc1
v2.6.14
v2.6.13-rc7
v2.6.13-rc6
v2.6.13-rc5
v2.6.13-rc4
v2.6.13-rc3
v2.6.13-rc2
v2.6.13-rc1
v2.6.13
v2.6.12-rc6
v2.6.12-rc5
v2.6.12-rc4
v2.6.12-rc3
v2.6.12-rc2
v2.6.12
v2.6.11-tree

f5fa04a
/

History

Cook and download a directory from the Software Heritage Vault

You have requested the cooking of the directory with identifier swh:1:dir:f5fa04ab4f52467197692f6ddf3cb56d5908595e into a standard tar.gz archive.

Are you sure you want to continue ?

(Optional) Send download link once it is available to that email address:

Download a directory from the Software Heritage Vault

You have requested the download of the directory with identifier swh:1:dir:f5fa04ab4f52467197692f6ddf3cb56d5908595e as a standard tar.gz archive.

Are you sure you want to continue ?

Cook and download a revision from the Software Heritage Vault

You have requested the cooking of the history heading to revision with identifier swh:1:rev:5e1f54201cb481f40a04bc47e1bc8c093a189e23 into a bare git archive.

Are you sure you want to continue ?

(Optional) Send download link once it is available to that email address:

Download a revision from the Software Heritage Vault

You have requested the download of the history heading to revision with identifier swh:1:rev:5e1f54201cb481f40a04bc47e1bc8c093a189e23 as a bare git archive.

Are you sure you want to continue ?

Invalid Email !

The provided email is not well-formed.

Download link has expired

The requested archive is no longer available for download from the Software Heritage Vault.

Do you want to cook it again ?

Take a new snapshot of a software origin

If the archived software origin currently browsed is not synchronized with its upstream version (for instance when new commits have been issued), you can explicitly request Software Heritage to take a new snapshot of it.

Use the form below to proceed. Once a request has been submitted and accepted, it will be processed as soon as possible. You can then check its processing state by visiting this dedicated page.

Visit type

Origin url

Processing "take a new snapshot" request ...

Permalinks

To reference or cite the objects present in the Software Heritage archive, permalinks based on SoftWare Hash IDentifiers (SWHIDs) must be used.
Select below a type of object currently browsed in order to display its associated SWHID and permalink.

revision
directory
snapshot

swh:1:rev:5e1f54201cb481f40a04bc47e1bc8c093a189e23

Add contextual information

Iframe embedding

swh:1:dir:f5fa04ab4f52467197692f6ddf3cb56d5908595e

Add contextual information

swh:1:snp:0424f14fb59df2ee63d8659da5115ce9de06a349

Add contextual information

Tip revision: 5e1f54201cb481f40a04bc47e1bc8c093a189e23 authored by Neal Cardwell on 09 December 2012, 11:09:54 UTC
inet_diag: validate port comparison byte code to prevent unsafe reads

Tip revision: 5e1f542

File	Mode	Size
Documentation
arch
block
crypto
drivers
firmware
fs
include
init
ipc
kernel
lib
mm
net
samples
scripts
security
sound
tools
usr
virt
.gitignore	-rw-r--r--	1.1 KB
.mailmap	-rw-r--r--	4.4 KB
COPYING	-rw-r--r--	18.3 KB
CREDITS	-rw-r--r--	92.8 KB
Kbuild	-rw-r--r--	2.5 KB
Kconfig	-rw-r--r--	252 bytes
MAINTAINERS	-rw-r--r--	224.8 KB
Makefile	-rw-r--r--	46.7 KB
README	-rw-r--r--	18.2 KB
REPORTING-BUGS	-rw-r--r--	3.3 KB

The diff you're trying to view is too large. Only the first 1000 changed files have been loaded.

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...

https://github.com/torvalds/linux

inet_diag: validate port comparison byte code to prevent unsafe reads

README