mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-11-01 17:08:10 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/netlabel
History
Paul Moore 5578de4834 netlabel: fix out-of-bounds memory accesses 
There are two array out-of-bounds memory accesses, one in
cipso_v4_map_lvl_valid(), the other in netlbl_bitmap_walk().  Both
errors are embarassingly simple, and the fixes are straightforward.

As a FYI for anyone backporting this patch to kernels prior to v4.8,
you'll want to apply the netlbl_bitmap_walk() patch to
cipso_v4_bitmap_walk() as netlbl_bitmap_walk() doesn't exist before
Linux v4.8.

Reported-by: Jann Horn <jannh@google.com>
Fixes: 446fda4f26 ("[NetLabel]: CIPSOv4 engine")
Fixes: 3faa8f982f ("netlabel: Move bitmap manipulation functions to the NetLabel core.")
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-02-27 21:45:24 -08:00
..
Kconfig calipso: Set the calipso socket label to match the secattr. 2016-06-27 15:02:51 -04:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
netlabel_addrlist.c
netlabel_addrlist.h net/netlabel: Add list_next_rcu() in rcu_dereference(). 2017-11-18 10:32:41 +09:00
netlabel_calipso.c locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns to READ_ONCE()/WRITE_ONCE() 2017-10-25 11:01:08 +02:00
netlabel_calipso.h calipso: Add a label cache. 2016-06-27 15:06:17 -04:00
netlabel_cipso_v4.c netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
netlabel_cipso_v4.h
netlabel_domainhash.c netlabel: Implement CALIPSO config functions for SMACK. 2016-06-27 15:06:18 -04:00
netlabel_domainhash.h netlabel: Implement CALIPSO config functions for SMACK. 2016-06-27 15:06:18 -04:00
netlabel_kapi.c netlabel: fix out-of-bounds memory accesses 2019-02-27 21:45:24 -08:00
netlabel_mgmt.c genetlink: mark families as __ro_after_init 2016-10-27 16:16:09 -04:00
netlabel_mgmt.h netlabel: Add support for creating a CALIPSO protocol domain mapping. 2016-06-27 15:02:49 -04:00
netlabel_unlabeled.c netlabel: check for IPV4MASK in addrinfo_get 2018-09-21 18:58:34 -07:00
netlabel_unlabeled.h
netlabel_user.c audit: eliminate audit_enabled magic number comparison 2018-06-19 10:43:55 -04:00
netlabel_user.h