net: add validation for the socket syscall protocol argument

[pandora-kernel.git] / net / ipv4 / af_inet.c

diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index 1b5096a..e2ab968 100644 (file)
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -226,8 +226,12 @@ EXPORT_SYMBOL(inet_listen);
 u32 inet_ehash_secret __read_mostly;
 EXPORT_SYMBOL(inet_ehash_secret);
 
+u32 ipv6_hash_secret __read_mostly;
+EXPORT_SYMBOL(ipv6_hash_secret);
+
 /*
- * inet_ehash_secret must be set exactly once
+ * inet_ehash_secret must be set exactly once, and to a non nul value
+ * ipv6_hash_secret must be set exactly once.
  */
 void build_ehash_secret(void)
 {
@@ -237,7 +241,8 @@ void build_ehash_secret(void)
                get_random_bytes(&rnd, sizeof(rnd));
        } while (rnd == 0);
 
-       cmpxchg(&inet_ehash_secret, 0, rnd);
+       if (cmpxchg(&inet_ehash_secret, 0, rnd) == 0)
+               get_random_bytes(&ipv6_hash_secret, sizeof(ipv6_hash_secret));
 }
 EXPORT_SYMBOL(build_ehash_secret);
 
@@ -274,6 +279,9 @@ static int inet_create(struct net *net, struct socket *sock, int protocol,
        int try_loading_module = 0;
        int err;
 
+       if (protocol < 0 || protocol >= IPPROTO_MAX)
+               return -EINVAL;
+
        if (unlikely(!inet_ehash_secret))
                if (sock->type != SOCK_RAW && sock->type != SOCK_DGRAM)
                        build_ehash_secret();