Re: [PATCH] sctp: integer overflow in sctp_auth_create_key()

From: David Miller
Date: Tue Nov 29 2011 - 01:19:56 EST

Next message: Cyrill Gorcunov: "Re: [RFC] prctl: Add PR_ codes to restore vDSO and tune up mm_structentires"
Previous message: Tanmay Inamdar: "Re: [PATCH] powerpc/40x: Add APM8018X SOC support"
In reply to: David Miller: "Re: [PATCH v2] sctp: better integer overflow check insctp_auth_create_key()"
Next in thread: Xi Wang: "Re: [PATCH] sctp: integer overflow in sctp_auth_create_key()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Xi Wang <xi.wang@xxxxxxxxx>
Date: Tue, 22 Nov 2011 20:55:30 -0500

> The previous commit 30c2235c is incomplete and cannot prevent integer
> overflows. For example, when key_len is 0x80000000 (INT_MAX + 1), the
> left-hand side of the check, (INT_MAX - key_len), which is unsigned,
> becomes 0xffffffff (UINT_MAX) and bypasses the check.
>
> Signed-off-by: Xi Wang <xi.wang@xxxxxxxxx>

Applied, but I had to apply your patch by hand because it was
corrupted by your email client.

Please fix this problem because I am not applying any other patch
you've submitted which has this issue.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Cyrill Gorcunov: "Re: [RFC] prctl: Add PR_ codes to restore vDSO and tune up mm_structentires"
Previous message: Tanmay Inamdar: "Re: [PATCH] powerpc/40x: Add APM8018X SOC support"
In reply to: David Miller: "Re: [PATCH v2] sctp: better integer overflow check insctp_auth_create_key()"
Next in thread: Xi Wang: "Re: [PATCH] sctp: integer overflow in sctp_auth_create_key()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]