linux-next/sctp at 0e73fc9a56f22f2eec4d2b2910c649f7af67b74d - linux-next - MyRedstone

Kernel/linux-next

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-11 16:29:05 +00:00

History

Colin Ian King 0e73fc9a56 net: sctp: fix array overrun read on sctp_timer_tbl

The comparison on the timeout can lead to an array overrun
read on sctp_timer_tbl because of an off-by-one error. Fix
this by using < instead of <= and also compare to the array
size rather than SCTP_EVENT_TIMEOUT_MAX.

Fixes CoverityScan CID#1397639 ("Out-of-bounds read")

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

2017-01-20 11:26:01 -05:00

..

associola.c

sctp: fix recovering from 0 win with small data chunks

2016-12-23 14:01:35 -05:00

auth.c

sctp: use IS_ENABLED() instead of checking for built-in or module

2016-09-10 21:19:11 -07:00

bind_addr.c

sctp: not copying duplicate addrs to the assoc's bind address list

2016-12-20 14:15:45 -05:00

chunk.c

sctp: remove the old ttl expires policy

2016-10-13 09:44:14 -04:00

debug.c

net: sctp: fix array overrun read on sctp_timer_tbl

2017-01-20 11:26:01 -05:00

endpointola.c

sctp: sctp_epaddr_lookup_transport should be protected by rcu_read_lock

2016-12-17 11:43:23 -05:00

input.c

sctp: use new rhlist interface on sctp transport rhashtable

2016-11-16 23:22:17 -05:00

inqueue.c

sctp: rename WORD_TRUNC/ROUND macros

2016-09-22 03:13:26 -04:00

ipv6.c

Replace <asm/uaccess.h> with <linux/uaccess.h> globally

2016-12-24 11:46:01 -08:00

Kconfig

sctp: add the sctp_diag.c file

2016-04-15 17:29:36 -04:00

Makefile

sctp: Add GSO support

2016-06-03 19:37:21 -04:00

objcnt.c

sctp: fix checkpatch errors with (foo*)|foo * bar|foo* bar

2013-12-26 13:47:47 -05:00

offload.c

sctp: fix GSO for IPv6

2016-07-16 22:02:09 -07:00

output.c

sctp: clean up sctp_packet_transmit

2016-11-02 15:03:13 -04:00

outqueue.c

sctp: Fix spelling mistake: "Atempt" -> "Attempt"

2017-01-11 10:01:01 -05:00

primitive.c

sctp: Fix FSF address in file headers

2013-12-06 12:37:56 -05:00

probe.c

net: sctp: Convert log timestamps to be y2038 safe

2016-03-01 17:18:44 -05:00

proc.c

net: Suppress the "Comparison to NULL could be written" warnings

2016-09-30 01:50:45 -04:00

protocol.c

sctp: not copying duplicate addrs to the assoc's bind address list

2016-12-20 14:15:45 -05:00

sctp_diag.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2016-10-02 22:20:41 -04:00

sm_make_chunk.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2016-10-02 22:20:41 -04:00

sm_sideeffect.c

sctp: make sctp_outq_flush/tail/uncork return void

2016-09-18 22:02:33 -04:00

sm_statefuns.c

sctp: validate chunk len before actually using it

2016-10-29 12:00:10 -04:00

sm_statetable.c

sctp: fix checkpatch errors with indent

2013-12-26 13:47:48 -05:00

socket.c

sctp: sctp_transport_lookup_process should rcu_read_unlock when transport is null

2016-12-17 11:43:23 -05:00

ssnmap.c

sctp: Fix FSF address in file headers

2013-12-06 12:37:56 -05:00

sysctl.c

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2016-01-11 23:55:43 -05:00

transport.c

ktime: Cleanup ktime_set() usage

2016-12-25 17:21:22 +01:00

tsnmap.c

sctp: Fix FSF address in file headers

2013-12-06 12:37:56 -05:00

ulpevent.c

sctp: rename WORD_TRUNC/ROUND macros

2016-09-22 03:13:26 -04:00

ulpqueue.c

sctp: Remove some redundant code

2016-09-19 01:34:01 -04:00