Pandora Sourcecodes - pandora-kernel.git/commit

author	Eric Dumazet <edumazet@google.com>
	Fri, 3 Feb 2017 08:03:26 +0000 (00:03 -0800)
committer	Ben Hutchings <ben@decadent.org.uk>
	Thu, 16 Mar 2017 02:18:47 +0000 (02:18 +0000)
commit	530bcee641bd3729f6dc7c36e265df11997fcf54
tree	ad7878b445127d122665e8516c311061968aeed1	tree \| snapshot
parent	d03091de08cdf65967129cbe9fc54dc92356c581	commit \| diff

netlabel: out of bound access in cipso_v4_validate()

commit d71b7896886345c53ef1d84bda2bc758554f5d61 upstream.

syzkaller found another out of bound access in ip_options_compile(),
or more exactly in cipso_v4_validate()

Fixes: 20e2a8648596 ("cipso: handle CIPSO options correctly when NetLabel is disabled")
Fixes: 446fda4f2682 ("[NetLabel]: CIPSOv4 engine")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Cc: Paul Moore <paul@paul-moore.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

include/net/cipso_ipv4.h		diff \| blob \| history
net/ipv4/cipso_ipv4.c		diff \| blob \| history