Revision - b98b0bc - net: avoid signed overflows for SO_{SND|RCV}BUFFORCE - origin: https://github.com/torvalds/linux

visit type:

https://github.com/torvalds/linux

23 October 2021, 00:29:24 UTC

Code
Branches (1)
Releases (717)
Visits

Revision b98b0bc8c431e3ceb4b26b0dfc8db509518fb290 authored by Eric Dumazet on 02 December 2016, 17:44:53 UTC, committed by David S. Miller on 02 December 2016, 19:10:14 UTC

net: avoid signed overflows for SO_{SND|RCV}BUFFORCE

CAP_NET_ADMIN users should not be allowed to set negative
sk_sndbuf or sk_rcvbuf values, as it can lead to various memory
corruptions, crashes, OOM...

Note that before commit 82981930125a ("net: cleanups in
sock_setsockopt()"), the bug was even more serious, since SO_SNDBUF
and SO_RCVBUF were vulnerable.

This needs to be backported to all known linux kernels.

Again, many thanks to syzkaller team for discovering this gem.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

1 parent 5b01014

Files
Changes

Branches
Releases

HEAD
refs/heads/master
b98b0bc8c431e3ceb4b26b0dfc8db509518fb290

v5.9-rc8
v5.9-rc7
v5.9-rc6
v5.9-rc5
v5.9-rc4
v5.9-rc3
v5.9-rc2
v5.9-rc1
v5.9
v5.8-rc7
v5.8-rc6
v5.8-rc5
v5.8-rc4
v5.8-rc3
v5.8-rc2
v5.8-rc1
v5.8
v5.7-rc7
v5.7-rc6
v5.7-rc5
v5.7-rc4
v5.7-rc3
v5.7-rc2
v5.7-rc1
v5.7
v5.6-rc7
v5.6-rc6
v5.6-rc5
v5.6-rc4
v5.6-rc3
v5.6-rc2
v5.6-rc1
v5.6
v5.5-rc7
v5.5-rc6
v5.5-rc5
v5.5-rc4
v5.5-rc3
v5.5-rc2
v5.5-rc1
v5.5
v5.4-rc8
v5.4-rc7
v5.4-rc6
v5.4-rc5
v5.4-rc4
v5.4-rc3
v5.4-rc2
v5.4-rc1
v5.4
v5.3-rc8
v5.3-rc7
v5.3-rc6
v5.3-rc5
v5.3-rc4
v5.3-rc3
v5.3-rc2
v5.3-rc1
v5.3
v5.2-rc7
v5.2-rc6
v5.2-rc5
v5.2-rc4
v5.2-rc3
v5.2-rc2
v5.2-rc1
v5.2
v5.15-rc6
v5.15-rc5
v5.15-rc4
v5.15-rc3
v5.15-rc2
v5.15-rc1
v5.14-rc7
v5.14-rc6
v5.14-rc5
v5.14-rc4
v5.14-rc3
v5.14-rc2
v5.14-rc1
v5.14
v5.13-rc7
v5.13-rc6
v5.13-rc5
v5.13-rc4
v5.13-rc3
v5.13-rc2
v5.13-rc1
v5.13
v5.12-rc8
v5.12-rc7
v5.12-rc6
v5.12-rc5
v5.12-rc4
v5.12-rc3
v5.12-rc2
v5.12-rc1
v5.12
v5.11-rc7
v5.11-rc6
v5.11-rc5
v5.11-rc4
v5.11-rc3
v5.11-rc2
v5.11-rc1
v5.11
v5.10-rc7
v5.10-rc6
v5.10-rc5
v5.10-rc4
v5.10-rc3
v5.10-rc2
v5.10-rc1
v5.10
v5.1-rc7
v5.1-rc6
v5.1-rc5
v5.1-rc4
v5.1-rc3
v5.1-rc2
v5.1-rc1
v5.1
v5.0-rc8
v5.0-rc7
v5.0-rc6
v5.0-rc5
v5.0-rc4
v5.0-rc3
v5.0-rc2
v5.0-rc1
v5.0
v4.9-rc8
v4.9-rc7
v4.9-rc6
v4.9-rc5
v4.9-rc4
v4.9-rc3
v4.9-rc2
v4.9-rc1
v4.9
v4.8-rc8
v4.8-rc7
v4.8-rc6
v4.8-rc5
v4.8-rc4
v4.8-rc3
v4.8-rc2
v4.8-rc1
v4.8
v4.7-rc7
v4.7-rc6
v4.7-rc5
v4.7-rc4
v4.7-rc3
v4.7-rc2
v4.7-rc1
v4.7
v4.6-rc7
v4.6-rc6
v4.6-rc5
v4.6-rc4
v4.6-rc3
v4.6-rc2
v4.6-rc1
v4.6
v4.5-rc7
v4.5-rc6
v4.5-rc5
v4.5-rc4
v4.5-rc3
v4.5-rc2
v4.5-rc1
v4.5
v4.4-rc8
v4.4-rc7
v4.4-rc6
v4.4-rc5
v4.4-rc4
v4.4-rc3
v4.4-rc2
v4.4-rc1
v4.4
v4.3-rc7
v4.3-rc6
v4.3-rc5
v4.3-rc4
v4.3-rc3
v4.3-rc2
v4.3-rc1
v4.3
v4.20-rc7
v4.20-rc6
v4.20-rc5
v4.20-rc4
v4.20-rc3
v4.20-rc2
v4.20-rc1
v4.20
v4.2-rc8
v4.2-rc7
v4.2-rc6
v4.2-rc5
v4.2-rc4
v4.2-rc3
v4.2-rc2
v4.2-rc1
v4.2
v4.19-rc8
v4.19-rc7
v4.19-rc6
v4.19-rc5
v4.19-rc4
v4.19-rc3
v4.19-rc2
v4.19-rc1
v4.19
v4.18-rc8
v4.18-rc7
v4.18-rc6
v4.18-rc5
v4.18-rc4
v4.18-rc3
v4.18-rc2
v4.18-rc1
v4.18
v4.17-rc7
v4.17-rc6
v4.17-rc5
v4.17-rc4
v4.17-rc3
v4.17-rc2
v4.17-rc1
v4.17
v4.16-rc7
v4.16-rc6
v4.16-rc5
v4.16-rc4
v4.16-rc3
v4.16-rc2
v4.16-rc1
v4.16
v4.15-rc9
v4.15-rc8
v4.15-rc7
v4.15-rc6
v4.15-rc5
v4.15-rc4
v4.15-rc3
v4.15-rc2
v4.15-rc1
v4.15
v4.14-rc8
v4.14-rc7
v4.14-rc6
v4.14-rc5
v4.14-rc4
v4.14-rc3
v4.14-rc2
v4.14-rc1
v4.14
v4.13-rc7
v4.13-rc6
v4.13-rc5
v4.13-rc4
v4.13-rc3
v4.13-rc2
v4.13-rc1
v4.13
v4.12-rc7
v4.12-rc6
v4.12-rc5
v4.12-rc4
v4.12-rc3
v4.12-rc2
v4.12-rc1
v4.12
v4.11-rc8
v4.11-rc7
v4.11-rc6
v4.11-rc5
v4.11-rc4
v4.11-rc3
v4.11-rc2
v4.11-rc1
v4.11
v4.10-rc8
v4.10-rc7
v4.10-rc6
v4.10-rc5
v4.10-rc4
v4.10-rc3
v4.10-rc2
v4.10-rc1
v4.10
v4.1-rc8
v4.1-rc7
v4.1-rc6
v4.1-rc5
v4.1-rc4
v4.1-rc3
v4.1-rc2
v4.1-rc1
v4.1
v4.0-rc7
v4.0-rc6
v4.0-rc5
v4.0-rc4
v4.0-rc3
v4.0-rc2
v4.0-rc1
v4.0
v3.9-rc8
v3.9-rc7
v3.9-rc6
v3.9-rc5
v3.9-rc4
v3.9-rc3
v3.9-rc2
v3.9-rc1
v3.9
v3.8-rc7
v3.8-rc6
v3.8-rc5
v3.8-rc4
v3.8-rc3
v3.8-rc2
v3.8-rc1
v3.8
v3.7-rc8
v3.7-rc7
v3.7-rc6
v3.7-rc5
v3.7-rc4
v3.7-rc3
v3.7-rc2
v3.7-rc1
v3.7
v3.6-rc7
v3.6-rc6
v3.6-rc5
v3.6-rc4
v3.6-rc3
v3.6-rc2
v3.6-rc1
v3.6
v3.5-rc7
v3.5-rc6
v3.5-rc5
v3.5-rc4
v3.5-rc3
v3.5-rc2
v3.5-rc1
v3.5
v3.4-rc7
v3.4-rc6
v3.4-rc5
v3.4-rc4
v3.4-rc3
v3.4-rc2
v3.4-rc1
v3.4
v3.3-rc7
v3.3-rc6
v3.3-rc5
v3.3-rc4
v3.3-rc3
v3.3-rc2
v3.3-rc1
v3.3
v3.2-rc7
v3.2-rc6
v3.2-rc5
v3.2-rc4
v3.2-rc3
v3.2-rc2
v3.2-rc1
v3.2
v3.19-rc7
v3.19-rc6
v3.19-rc5
v3.19-rc4
v3.19-rc3
v3.19-rc2
v3.19-rc1
v3.19
v3.18-rc7
v3.18-rc6
v3.18-rc5
v3.18-rc4
v3.18-rc3
v3.18-rc2
v3.18-rc1
v3.18
v3.17-rc7
v3.17-rc6
v3.17-rc5
v3.17-rc4
v3.17-rc3
v3.17-rc2
v3.17-rc1
v3.17
v3.16-rc7
v3.16-rc6
v3.16-rc5
v3.16-rc4
v3.16-rc3
v3.16-rc2
v3.16-rc1
v3.16
v3.15-rc8
v3.15-rc7
v3.15-rc6
v3.15-rc5
v3.15-rc4
v3.15-rc3
v3.15-rc2
v3.15-rc1
v3.15
v3.14-rc8
v3.14-rc7
v3.14-rc6
v3.14-rc5
v3.14-rc4
v3.14-rc3
v3.14-rc2
v3.14-rc1
v3.14
v3.13-rc8
v3.13-rc7
v3.13-rc6
v3.13-rc5
v3.13-rc4
v3.13-rc3
v3.13-rc2
v3.13-rc1
v3.13
v3.12-rc7
v3.12-rc6
v3.12-rc5
v3.12-rc4
v3.12-rc3
v3.12-rc2
v3.12-rc1
v3.12
v3.11-rc7
v3.11-rc6
v3.11-rc5
v3.11-rc4
v3.11-rc3
v3.11-rc2
v3.11-rc1
v3.11
v3.10-rc7
v3.10-rc6
v3.10-rc5
v3.10-rc4
v3.10-rc3
v3.10-rc2
v3.10-rc1
v3.10
v3.1-rc9
v3.1-rc8
v3.1-rc7
v3.1-rc6
v3.1-rc5
v3.1-rc4
v3.1-rc3
v3.1-rc2
v3.1-rc10
v3.1-rc1
v3.1
v3.0-rc7
v3.0-rc6
v3.0-rc5
v3.0-rc4
v3.0-rc3
v3.0-rc2
v3.0-rc1
v3.0
v2.6.39-rc7
v2.6.39-rc6
v2.6.39-rc5
v2.6.39-rc4
v2.6.39-rc3
v2.6.39-rc2
v2.6.39-rc1
v2.6.39
v2.6.38-rc8
v2.6.38-rc7
v2.6.38-rc6
v2.6.38-rc5
v2.6.38-rc4
v2.6.38-rc3
v2.6.38-rc2
v2.6.38-rc1
v2.6.38
v2.6.37-rc8
v2.6.37-rc7
v2.6.37-rc6
v2.6.37-rc5
v2.6.37-rc4
v2.6.37-rc3
v2.6.37-rc2
v2.6.37-rc1
v2.6.37
v2.6.36-rc8
v2.6.36-rc7
v2.6.36-rc6
v2.6.36-rc5
v2.6.36-rc4
v2.6.36-rc3
v2.6.36-rc2
v2.6.36-rc1
v2.6.36
v2.6.35-rc6
v2.6.35-rc5
v2.6.35-rc4
v2.6.35-rc3
v2.6.35-rc2
v2.6.35-rc1
v2.6.35
v2.6.34-rc7
v2.6.34-rc6
v2.6.34-rc5
v2.6.34-rc4
v2.6.34-rc3
v2.6.34-rc2
v2.6.34-rc1
v2.6.34
v2.6.33-rc8
v2.6.33-rc7
v2.6.33-rc6
v2.6.33-rc5
v2.6.33-rc4
v2.6.33-rc3
v2.6.33-rc2
v2.6.33-rc1
v2.6.33
v2.6.32-rc8
v2.6.32-rc7
v2.6.32-rc6
v2.6.32-rc5
v2.6.32-rc4
v2.6.32-rc3
v2.6.32-rc1
v2.6.32
v2.6.31-rc9
v2.6.31-rc8
v2.6.31-rc7
v2.6.31-rc6
v2.6.31-rc5
v2.6.31-rc4
v2.6.31-rc3
v2.6.31-rc2
v2.6.31-rc1
v2.6.31
v2.6.30-rc8
v2.6.30-rc7
v2.6.30-rc6
v2.6.30-rc5
v2.6.30-rc4
v2.6.30-rc3
v2.6.30-rc2
v2.6.30-rc1
v2.6.30
v2.6.29-rc8
v2.6.29-rc7
v2.6.29-rc6
v2.6.29-rc5
v2.6.29-rc4
v2.6.29-rc3
v2.6.29-rc2
v2.6.29-rc1
v2.6.29
v2.6.28-rc9
v2.6.28-rc8
v2.6.28-rc7
v2.6.28-rc6
v2.6.28-rc5
v2.6.28-rc4
v2.6.28-rc3
v2.6.28-rc2
v2.6.28-rc1
v2.6.28
v2.6.27-rc9
v2.6.27-rc8
v2.6.27-rc7
v2.6.27-rc6
v2.6.27-rc5
v2.6.27-rc4
v2.6.27-rc3
v2.6.27-rc2
v2.6.27-rc1
v2.6.27
v2.6.26-rc9
v2.6.26-rc8
v2.6.26-rc7
v2.6.26-rc6
v2.6.26-rc5
v2.6.26-rc4
v2.6.26-rc3
v2.6.26-rc2
v2.6.26-rc1
v2.6.26
v2.6.25-rc9
v2.6.25-rc8
v2.6.25-rc7
v2.6.25-rc6
v2.6.25-rc5
v2.6.25-rc4
v2.6.25-rc3
v2.6.25-rc2
v2.6.25-rc1
v2.6.25
v2.6.24-rc8
v2.6.24-rc7
v2.6.24-rc6
v2.6.24-rc5
v2.6.24-rc4
v2.6.24-rc3
v2.6.24-rc2
v2.6.24-rc1
v2.6.24
v2.6.23-rc9
v2.6.23-rc8
v2.6.23-rc7
v2.6.23-rc6
v2.6.23-rc5
v2.6.23-rc4
v2.6.23-rc3
v2.6.23-rc2
v2.6.23-rc1
v2.6.23
v2.6.22-rc7
v2.6.22-rc6
v2.6.22-rc5
v2.6.22-rc4
v2.6.22-rc3
v2.6.22-rc2
v2.6.22-rc1
v2.6.22
v2.6.21-rc7
v2.6.21-rc6
v2.6.21-rc5
v2.6.21-rc4
v2.6.21-rc3
v2.6.21-rc2
v2.6.21-rc1
v2.6.21
v2.6.20-rc7
v2.6.20-rc6
v2.6.20-rc5
v2.6.20-rc4
v2.6.20-rc3
v2.6.20-rc2
v2.6.20-rc1
v2.6.20
v2.6.19-rc6
v2.6.19-rc5
v2.6.19-rc4
v2.6.19-rc3
v2.6.19-rc2
v2.6.19-rc1
v2.6.19
v2.6.18-rc7
v2.6.18-rc6
v2.6.18-rc5
v2.6.18-rc4
v2.6.18-rc3
v2.6.18-rc2
v2.6.18-rc1
v2.6.18
v2.6.17-rc6
v2.6.17-rc5
v2.6.17-rc4
v2.6.17-rc3
v2.6.17-rc2
v2.6.17-rc1
v2.6.17
v2.6.16-rc6
v2.6.16-rc5
v2.6.16-rc4
v2.6.16-rc3
v2.6.16-rc2
v2.6.16-rc1
v2.6.16
v2.6.15-rc7
v2.6.15-rc6
v2.6.15-rc5
v2.6.15-rc4
v2.6.15-rc3
v2.6.15-rc2
v2.6.15-rc1
v2.6.15
v2.6.14-rc5
v2.6.14-rc4
v2.6.14-rc3
v2.6.14-rc2
v2.6.14-rc1
v2.6.14
v2.6.13-rc7
v2.6.13-rc6
v2.6.13-rc5
v2.6.13-rc4
v2.6.13-rc3
v2.6.13-rc2
v2.6.13-rc1
v2.6.13
v2.6.12-rc6
v2.6.12-rc5
v2.6.12-rc4
v2.6.12-rc3
v2.6.12-rc2
v2.6.12
v2.6.11-tree

1df6d58
/
firmware
/

History

Cook and download a directory from the Software Heritage Vault

You have requested the cooking of the directory with identifier swh:1:dir:37ddad075798cb5c6094671a46935928e7cb548f into a standard tar.gz archive.

Are you sure you want to continue ?

(Optional) Send download link once it is available to that email address:

Download a directory from the Software Heritage Vault

You have requested the download of the directory with identifier swh:1:dir:37ddad075798cb5c6094671a46935928e7cb548f as a standard tar.gz archive.

Are you sure you want to continue ?

Cook and download a revision from the Software Heritage Vault

You have requested the cooking of the history heading to revision with identifier swh:1:rev:b98b0bc8c431e3ceb4b26b0dfc8db509518fb290 into a bare git archive.

Are you sure you want to continue ?

(Optional) Send download link once it is available to that email address:

Download a revision from the Software Heritage Vault

You have requested the download of the history heading to revision with identifier swh:1:rev:b98b0bc8c431e3ceb4b26b0dfc8db509518fb290 as a bare git archive.

Are you sure you want to continue ?

Invalid Email !

The provided email is not well-formed.

Download link has expired

The requested archive is no longer available for download from the Software Heritage Vault.

Do you want to cook it again ?

Take a new snapshot of a software origin

If the archived software origin currently browsed is not synchronized with its upstream version (for instance when new commits have been issued), you can explicitly request Software Heritage to take a new snapshot of it.

Use the form below to proceed. Once a request has been submitted and accepted, it will be processed as soon as possible. You can then check its processing state by visiting this dedicated page.

Visit type

Origin url

Processing "take a new snapshot" request ...

Permalinks

To reference or cite the objects present in the Software Heritage archive, permalinks based on SoftWare Hash IDentifiers (SWHIDs) must be used.
Select below a type of object currently browsed in order to display its associated SWHID and permalink.

revision
directory
snapshot

swh:1:rev:b98b0bc8c431e3ceb4b26b0dfc8db509518fb290

Add contextual information

Iframe embedding

swh:1:dir:37ddad075798cb5c6094671a46935928e7cb548f

Add contextual information

swh:1:snp:3c665ee4f67729f27f2e40193ab88e7298cf0fef

Add contextual information

Tip revision: b98b0bc8c431e3ceb4b26b0dfc8db509518fb290 authored by Eric Dumazet on 02 December 2016, 17:44:53 UTC
net: avoid signed overflows for SO_{SND|RCV}BUFFORCE

Tip revision: b98b0bc

File	Mode	Size
3com
acenic
adaptec
advansys
av7110
bnx2
bnx2x
cis
cpia2
cxgb3
dsp56k
e100
edgeport
emi26
emi62
ess
kaweth
keyspan
keyspan_pda
korg
matrox
myricom
ositech
qlogic
r128
radeon
sb16
sun
tehuti
tigon
ttusb-budget
vicam
yam
yamaha
.gitignore	-rw-r--r--	39 bytes
Makefile	-rw-r--r--	10.9 KB
README.AddingFirmware	-rw-r--r--	1.7 KB
WHENCE	-rw-r--r--	26.3 KB
atmsar11.HEX	-rw-r--r--	18.7 KB
ihex2fw.c	-rw-r--r--	6.6 KB
mts_cdma.fw.ihex	-rw-r--r--	37.2 KB
mts_edge.fw.ihex	-rw-r--r--	37.8 KB
mts_gsm.fw.ihex	-rw-r--r--	37.2 KB
ti_3410.fw.ihex	-rw-r--r--	37.0 KB
ti_5052.fw.ihex	-rw-r--r--	37.0 KB
whiteheat.HEX	-rw-r--r--	43.9 KB
whiteheat_loader.HEX	-rw-r--r--	11.8 KB
whiteheat_loader_debug.HEX	-rw-r--r--	17.2 KB

The diff you're trying to view is too large. Only the first 1000 changed files have been loaded.

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...

https://github.com/torvalds/linux

net: avoid signed overflows for SO_{SND|RCV}BUFFORCE

README.AddingFirmware