[PATCH] Fix ROSE security hole

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] Fix ROSE security hole
@ 2005-03-02  9:06 Ralf Baechle
  2005-03-11  3:47 ` David S. Miller
  0 siblings, 1 reply; 2+ messages in thread
From: Ralf Baechle @ 2005-03-02  9:06 UTC (permalink / raw)
  To: netdev

ROSE wasn't verifying the ndigis argument of a new route resulting in a
minor security hole.

Index: bk-afu/net/rose/rose_route.c
===================================================================
--- bk-afu.orig/net/rose/rose_route.c	2005-02-05 22:16:25.582983368 +0000
+++ bk-afu/net/rose/rose_route.c	2005-02-05 22:16:25.585982912 +0000
@@ -727,7 +727,8 @@
 		}
 		if (rose_route.mask > 10) /* Mask can't be more than 10 digits */
 			return -EINVAL;
-
+		if (rose_route.ndigis > 8) /* No more than 8 digipeats */
+			return -EINVAL;
 		err = rose_add_node(&rose_route, dev);
 		dev_put(dev);
 		return err;

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] Fix ROSE security hole
  2005-03-02  9:06 [PATCH] Fix ROSE security hole Ralf Baechle
@ 2005-03-11  3:47 ` David S. Miller
  0 siblings, 0 replies; 2+ messages in thread
From: David S. Miller @ 2005-03-11  3:47 UTC (permalink / raw)
  To: Ralf Baechle; +Cc: netdev

On Wed, 2 Mar 2005 09:06:58 +0000
Ralf Baechle <ralf@linux-mips.org> wrote:

> ROSE wasn't verifying the ndigis argument of a new route resulting in a
> minor security hole.

Also applied, thanks Ralf.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2005-03-11  3:47 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-03-02  9:06 [PATCH] Fix ROSE security hole Ralf Baechle
2005-03-11  3:47 ` David S. Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).