This v2 series fix incorrent parameter validation in *_get_sockopt()
functions in several places.
version 2 changes:
- reword the patch description
- add two patches for net/kcm and net/x25
Gavrilov Ilia (6):
tcp: fix incorrect parameter validation in the do_tcp_getsockopt()
function@@
udp: fix incorrect parameter validation in the udp_lib_getsockopt()
function@@
ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt()
function@@
l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt()
function@@
net: kcm: fix incorrect parameter validation in the kcm_getsockopt)
function@@
net/x25: fix incorrect parameter validation in the x25_getsockopt()
function@@
net/ipv4/ipmr.c | 4 +++-
net/ipv4/tcp.c | 4 ++--
net/ipv4/udp.c | 4 ++--
net/kcm/kcmsock.c | 3 ++-
net/l2tp/l2tp_ppp.c | 4 ++--
net/x25/af_x25.c | 4 ++--
6 files changed, 13 insertions(+), 10 deletions(-)
--
2.39.2
The 'len' variable can't be negative when assigned the result of
'min_t' because all 'min_t' parameters are cast to unsigned int,
and then the minimum one is chosen.
To fix the logic, check 'len' as read from 'optlen',
where the types of relevant variables are (signed) int.
Fixes: 3557baabf280 ("[L2TP]: PPP over L2TP driver core")
Reviewed-by: Tom Parkin <[email protected]>
Signed-off-by: Gavrilov Ilia <[email protected]>
---
V2:
- reword the patch description
net/l2tp/l2tp_ppp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index f011af6601c9..6146e4e67bbb 100644
--- a/net/l2tp/l2tp_ppp.c
+++ b/net/l2tp/l2tp_ppp.c
@@ -1356,11 +1356,11 @@ static int pppol2tp_getsockopt(struct socket *sock, int level, int optname,
if (get_user(len, optlen))
return -EFAULT;
- len = min_t(unsigned int, len, sizeof(int));
-
if (len < 0)
return -EINVAL;
+ len = min_t(unsigned int, len, sizeof(int));
+
err = -ENOTCONN;
if (!sk->sk_user_data)
goto end;
--
2.39.2
Hello:
This series was applied to netdev/net-next.git (main)
by David S. Miller <[email protected]>:
On Thu, 7 Mar 2024 14:23:49 +0000 you wrote:
> This v2 series fix incorrent parameter validation in *_get_sockopt()
> functions in several places.
>
> version 2 changes:
> - reword the patch description
> - add two patches for net/kcm and net/x25
>
> [...]
Here is the summary with links:
- [net-next,v2,1/6] tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function
https://git.kernel.org/netdev/net-next/c/716edc9706de
- [net-next,v2,2/6] udp: fix incorrect parameter validation in the udp_lib_getsockopt() function
https://git.kernel.org/netdev/net-next/c/4bb3ba7b74fc
- [net-next,v2,3/6] ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function
https://git.kernel.org/netdev/net-next/c/5c3be3e0eb44
- [net-next,v2,4/6] l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function
https://git.kernel.org/netdev/net-next/c/955e9876ba4e
- [net-next,v2,5/6] net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function
https://git.kernel.org/netdev/net-next/c/3ed5f415133f
- [net-next,v2,6/6] net/x25: fix incorrect parameter validation in the x25_getsockopt() function
https://git.kernel.org/netdev/net-next/c/d6eb8de2015f
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html