summaryrefslogtreecommitdiffstats
path: root/crypto/chainiv.c
diff options
context:
space:
mode:
authorandrew hendry <andrew.hendry@gmail.com>2011-02-07 00:08:15 +0000
committerDavid S. Miller <davem@davemloft.net>2011-02-07 13:41:38 -0800
commit95c3043008ca8449feb96aba5481fe31c2ea750b (patch)
tree1a80c238a56c1dc22a8b962f98ee1af363186e64 /crypto/chainiv.c
parent711c914688163dbe757c174788e20695088478e5 (diff)
downloadlinux-95c3043008ca8449feb96aba5481fe31c2ea750b.tar.gz
linux-95c3043008ca8449feb96aba5481fe31c2ea750b.tar.bz2
linux-95c3043008ca8449feb96aba5481fe31c2ea750b.zip
x25: possible skb leak on bad facilities
Originally x25_parse_facilities returned -1 for an error 0 meaning 0 length facilities >0 the length of the facilities parsed. 5ef41308f94dc ("x25: Prevent crashing when parsing bad X.25 facilities") introduced more error checking in x25_parse_facilities however used 0 to indicate bad parsing a6331d6f9a429 ("memory corruption in X.25 facilities parsing") followed this further for DTE facilities, again using 0 for bad parsing. The meaning of 0 got confused in the callers. If the facilities are messed up we can't determine where the data starts. So patch makes all parsing errors return -1 and ensures callers close and don't use the skb further. Reported-by: Andy Whitcroft <apw@canonical.com> Signed-off-by: Andrew Hendry <andrew.hendry@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'crypto/chainiv.c')
0 files changed, 0 insertions, 0 deletions