netdev
[Top] [All Lists]

[PATCH] Trivial fix for out of bounds array access in xfrm4_policy_check

To: netdev@xxxxxxxxxxx
Subject: [PATCH] Trivial fix for out of bounds array access in xfrm4_policy_check
From: "Catalin(ux aka Dino) BOIE" <util@xxxxxxxxxxxxxxx>
Date: Tue, 7 Sep 2004 13:35:52 +0300 (EEST)
Cc: linux-kernel@xxxxxxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
Hello!

Coverity found a bug in accessing xfrm4_policy_check using XFRM_POLICY_FWD (=2) as index in sk->sk_policy.

sk->sk_policy[] is defined in sock.h as:

struct xfrm_policy *sk_policy[2];

Attached is the fix.

http://linuxbugs.coverity.com/external/editbugparent.php?viewbugid=2138&checkers%5B%5D=all&status%5B%5D=BUG&status%5B%5D=UNINSPECTED&status%5B%5D=UNKNOWN&status%5B%5D=DON%27T%20CARE&status%5B%5D=PENDING&product%5B%5D=all&component%5B%5D=all&file=&fn=&sortby=reverse_rank&before=&after=&curpage=2&bugid=-1&comment=&reason=

---
Catalin(ux aka Dino) BOIE
catab at deuroconsult.ro
http://kernel.umbrella.ro/

Attachment: out-of-bounds-xfrm_policy.patch
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>