1
linux/net/ipv4
Chris Wright ddb2c43594 asn1: additional sanity checking during BER decoding
- Don't trust a length which is greater than the working buffer.
  An invalid length could cause overflow when calculating buffer size
  for decoding oid.

- An oid length of zero is invalid and allows for an off-by-one error when
  decoding oid because the first subid actually encodes first 2 subids.

- A primitive encoding may not have an indefinite length.

Thanks to Wei Wang from McAfee for report.

Cc: Steven French <sfrench@us.ibm.com>
Cc: stable@kernel.org
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-06-05 14:24:54 -07:00
..
ipvs ipvs: fix oops in backup for fwmark conn templates 2008-04-29 03:21:23 -07:00
netfilter asn1: additional sanity checking during BER decoding 2008-06-05 14:24:54 -07:00
af_inet.c Remove duplicated unlikely() in IS_ERR() 2008-04-29 08:06:25 -07:00
ah4.c
arp.c net/ipv4/arp.c: Use common hex_asc helpers 2008-05-21 17:34:32 -07:00
cipso_ipv4.c cipso: Relax too much careful cipso hash function. 2008-05-13 23:23:55 -07:00
datagram.c
devinet.c route: Remove unused ifa_anycast field 2008-06-03 16:37:33 -07:00
esp4.c
fib_frontend.c route: Mark unused routing attributes as such 2008-06-03 16:36:27 -07:00
fib_hash.c [NET]: Fix heavy stack usage in seq_file output routines. 2008-04-24 01:02:16 -07:00
fib_lookup.h
fib_rules.c
fib_semantics.c [NETNS]: Add netns refcnt debug into fib_info. 2008-04-16 02:00:50 -07:00
fib_trie.c [NET]: Fix heavy stack usage in seq_file output routines. 2008-04-24 01:02:16 -07:00
icmp.c ipv4: Update MTU to all related cache entries in ip_rt_frag_needed() 2008-04-29 03:32:25 -07:00
igmp.c net: Allow netdevices to specify needed head/tailroom 2008-05-12 20:48:31 -07:00
inet_connection_sock.c [SOCK]: Add some notes about per-bind-bucket sock lookup. 2008-04-14 02:42:27 -07:00
inet_diag.c
inet_fragment.c
inet_hashtables.c [INET]: Uninline the __inet_inherit_port call. 2008-04-17 23:18:15 -07:00
inet_lro.c
inet_timewait_sock.c [NETNS]: Add netns refcnt debug for timewait buckets. 2008-04-16 02:00:28 -07:00
inetpeer.c
ip_forward.c
ip_fragment.c [IPV4]: Use NIPQUAD_FMT to format ipv4 addresses. 2008-04-14 04:09:00 -07:00
ip_gre.c net: The world is not perfect patch. 2008-05-21 17:47:54 -07:00
ip_input.c net/ipv4: correct RFC 1122 section reference in comment 2008-05-08 01:11:04 -07:00
ip_options.c [IPV4]: Convert do_gettimeofday() to getnstimeofday(). 2008-04-21 02:34:08 -07:00
ip_output.c [IPv4] UFO: prevent generation of chained skb destined to UFO device 2008-04-29 22:36:30 -07:00
ip_sockglue.c net: Add compat support for getsockopt (MCAST_MSFILTER) 2008-04-29 03:23:22 -07:00
ipcomp.c net: Remove unnecessary inclusions of asm/semaphore.h 2008-04-18 22:15:50 -04:00
ipconfig.c net: Allow netdevices to specify needed head/tailroom 2008-05-12 20:48:31 -07:00
ipip.c net: The world is not perfect patch. 2008-05-21 17:47:54 -07:00
ipmr.c
Kconfig Documentation: move nfsroot.txt to filesystems/ 2008-04-11 13:18:01 -06:00
Makefile
netfilter.c [NETFILTER]: Add partial checksum validation helper 2008-04-14 11:15:49 +02:00
proc.c
protocol.c
raw.c raw: Raw socket leak. 2008-06-04 15:16:12 -07:00
route.c route: Mark unused route cache flags as such. 2008-06-03 16:36:01 -07:00
syncookies.c [Syncookies]: Add support for TCP options via timestamps. 2008-04-10 03:12:40 -07:00
sysctl_net_ipv4.c
tcp_bic.c
tcp_cong.c tcp: Limit cwnd growth when deferring for GSO 2008-04-29 03:13:52 -07:00
tcp_cubic.c rename div64_64 to div64_u64 2008-05-01 08:03:58 -07:00
tcp_diag.c
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c net: fix returning void-valued expression warnings 2008-05-01 02:47:38 -07:00
tcp_illinois.c
tcp_input.c tcp: fix skb vs fack_count out-of-sync condition 2008-06-04 12:07:44 -07:00
tcp_ipv4.c ipv4: assign PDE->data before gluing PDE into /proc tree 2008-05-02 04:10:08 -07:00
tcp_lp.c
tcp_minisocks.c
tcp_output.c tcp: Increment OUTRSTS in tcp_send_active_reset() 2008-06-04 15:19:35 -07:00
tcp_probe.c tcp: tcp_probe buffer overflow and incorrect return value 2008-04-24 21:11:58 -07:00
tcp_scalable.c
tcp_timer.c [TCP]: Format addresses appropriately in debug messages. 2008-04-14 04:09:36 -07:00
tcp_vegas.c net: fix returning void-valued expression warnings 2008-05-01 02:47:38 -07:00
tcp_vegas.h
tcp_veno.c net: fix returning void-valued expression warnings 2008-05-01 02:47:38 -07:00
tcp_westwood.c
tcp_yeah.c
tcp.c tcp: Fix for race due to temporary drop of the socket lock in skb_splice_bits. 2008-06-04 15:45:58 -07:00
tunnel4.c [IPV4] TUNNEL4: Fix incoming packet length check for inter-protocol tunnel. 2008-06-05 04:02:33 +09:00
udp_impl.h
udp.c [IPV6]: inet_sk(sk)->cork.opt leak 2008-06-05 04:02:38 +09:00
udplite.c
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c
xfrm4_policy.c
xfrm4_state.c
xfrm4_tunnel.c