Skip to content
Commit c7fd0d48 authored by Matthew Daley's avatar Matthew Daley Committed by David S. Miller
Browse files

x25: Validate incoming call user data lengths 

X.25 call user data is being copied in its entirety from incoming messages
without consideration to the size of the destination buffers, leading to
possible buffer overflows. Validate incoming call user data lengths before
these copies are performed.

It appears this issue was noticed some time ago, however nothing seemed to
come of it: see http://www.spinics.net/lists/linux-x25/msg00043.html and
commit 8db09f26

.

Signed-off-by: default avatarMatthew Daley <mattjd@gmail.com>
Acked-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
Tested-by: default avatarAndrew Hendry <andrew.hendry@gmail.com>
Cc: stable <stable@kernel.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent f36c23bb
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment