forked from luck/tmp_suning_uos_patched
ipv6: Disallow rediculious flowlabel option sizes.
Just like PKTINFO, limit the options area to 64K. Based upon report by Eric Sesterhenn and analysis by Roland Dreier. Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
a23f4bbd8d
commit
684de409ac
|
@ -323,17 +323,21 @@ static struct ip6_flowlabel *
|
|||
fl_create(struct net *net, struct in6_flowlabel_req *freq, char __user *optval,
|
||||
int optlen, int *err_p)
|
||||
{
|
||||
struct ip6_flowlabel *fl;
|
||||
struct ip6_flowlabel *fl = NULL;
|
||||
int olen;
|
||||
int addr_type;
|
||||
int err;
|
||||
|
||||
olen = optlen - CMSG_ALIGN(sizeof(*freq));
|
||||
err = -EINVAL;
|
||||
if (olen > 64 * 1024)
|
||||
goto done;
|
||||
|
||||
err = -ENOMEM;
|
||||
fl = kzalloc(sizeof(*fl), GFP_KERNEL);
|
||||
if (fl == NULL)
|
||||
goto done;
|
||||
|
||||
olen = optlen - CMSG_ALIGN(sizeof(*freq));
|
||||
if (olen > 0) {
|
||||
struct msghdr msg;
|
||||
struct flowi flowi;
|
||||
|
|
Loading…
Reference in New Issue
Block a user