stvnliu/cloned/linux.git - cloned Linux kernel tree

diff options

author	Dan Carpenter <dan.carpenter@linaro.org>	2024-12-13 12:47:27 +0300
committer	Jakub Kicinski <kuba@kernel.org>	2024-12-16 18:08:11 -0800
commit	fbbd84af6ba70334335bdeba3ae536cf751c14c6 (patch)
tree	60370dad7d4b5f44f5fd1dee85027cb9536793b5 /net/unix/sysctl_net_unix.c
parent	c8eb0c3ffde699c981449f8b86da12df577c46b9 (diff)
download	linux-fbbd84af6ba70334335bdeba3ae536cf751c14c6.tar.gz linux-fbbd84af6ba70334335bdeba3ae536cf751c14c6.tar.bz2 linux-fbbd84af6ba70334335bdeba3ae536cf751c14c6.zip

chelsio/chtls: prevent potential integer overflow on 32bit

The "gl->tot_len" variable is controlled by the user. It comes from process_responses(). On 32bit systems, the "gl->tot_len + sizeof(struct cpl_pass_accept_req) + sizeof(struct rss_header)" addition could have an integer wrapping bug. Use size_add() to prevent this. Fixes: a08943947873 ("crypto: chtls - Register chtls with net tls") Cc: stable@vger.kernel.org Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> Reviewed-by: Simon Horman <horms@kernel.org> Link: https://patch.msgid.link/c6bfb23c-2db2-4e1b-b8ab-ba3925c82ef5@stanley.mountain Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Diffstat (limited to 'net/unix/sysctl_net_unix.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: