1
linux/net/sched
Dan Carpenter 0eff683f73 net/sched: potential data corruption
The reset_policy() does:
        memset(d->tcfd_defdata, 0, SIMP_MAX_DATA);
        strlcpy(d->tcfd_defdata, defdata, SIMP_MAX_DATA);

In the original code, the size of d->tcfd_defdata wasn't fixed and if
strlen(defdata) was less than 31, reset_policy() would cause memory
corruption.

Please Note:  The original alloc_defdata() assumes defdata is 32
characters and a NUL terminator while reset_policy() assumes defdata is
31 characters and a NUL.  This patch updates alloc_defdata() to match
reset_policy() (ie a shorter string).  I'm not very familiar with this
code so please review carefully.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Acked-by: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-07-14 17:56:37 -07:00
..
act_api.c pkt_sched: gen_kill_estimator() rcu fixes 2010-06-11 18:37:08 -07:00
act_gact.c net sched: printk message severity 2010-05-17 23:23:12 -07:00
act_ipt.c net sched: printk message severity 2010-05-17 23:23:12 -07:00
act_mirred.c act_mirred: combine duplicate code 2010-06-30 12:12:36 -07:00
act_nat.c act_nat: use stack variable 2010-06-30 12:12:37 -07:00
act_pedit.c net sched: make pedit check for clones instead 2010-06-07 01:10:43 -07:00
act_police.c pkt_sched: gen_kill_estimator() rcu fixes 2010-06-11 18:37:08 -07:00
act_simple.c net/sched: potential data corruption 2010-07-14 17:56:37 -07:00
act_skbedit.c
cls_api.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-04-11 14:53:53 -07:00
cls_basic.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
cls_cgroup.c cls_cgroup: Store classid in struct sock 2010-05-24 00:12:34 -07:00
cls_flow.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
cls_fw.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
cls_route.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
cls_rsvp6.c
cls_rsvp.c
cls_rsvp.h net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
cls_tcindex.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
cls_u32.c cls_u32: use skb_header_pointer() to dereference data safely 2010-06-02 07:32:42 -07:00
em_cmp.c
em_meta.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
em_nbyte.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
em_text.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
em_u32.c
ematch.c net sched: printk message severity 2010-05-17 23:23:12 -07:00
Kconfig cgroups: net_cls as module 2010-03-23 13:06:14 -07:00
Makefile
sch_api.c net_sched: Fix qdisc_notify() 2010-05-23 23:11:07 -07:00
sch_atm.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sch_blackhole.c
sch_cbq.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sch_drr.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sch_dsmark.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sch_fifo.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sch_generic.c net: add additional lock to qdisc to increase throughput 2010-06-02 05:09:29 -07:00
sch_gred.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sch_hfsc.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
sch_htb.c htb: remove two unnecessary assignments 2010-06-07 01:08:11 -07:00
sch_ingress.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
sch_mq.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
sch_multiq.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
sch_netem.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
sch_prio.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
sch_red.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
sch_sfq.c net: Fix various endianness glitches 2010-04-20 19:06:52 -07:00
sch_tbf.c tbf: stop wanton destruction of children (v2) 2010-05-17 17:44:35 -07:00
sch_teql.c Clear IFF_XMIT_DST_RELEASE for teql interfaces 2010-06-16 14:47:30 -07:00