diff options
| author | Shan Wei <shanwei@cn.fujitsu.com> | 2009-09-22 15:41:10 +0000 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2009-09-24 15:38:44 -0700 |
| commit | 0915921bde4eb5d943b17c175febac58a254d7b6 (patch) | |
| tree | cd6a6845d0a340f4aa06a3b5f28118ae8d7e66bb /net | |
| parent | 8b3f6af86378d0a10ca2f1ded1da124aef13b62c (diff) | |
| download | linux-0-day-0915921bde4eb5d943b17c175febac58a254d7b6.tar.gz linux-0-day-0915921bde4eb5d943b17c175febac58a254d7b6.tar.xz | |
ipv4: check optlen for IP_MULTICAST_IF option
Due to man page of setsockopt, if optlen is not valid, kernel should return
-EINVAL. But a simple testcase as following, errno is 0, which means setsockopt
is successful.
addr.s_addr = inet_addr("192.1.2.3");
setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &addr, 1);
printf("errno is %d\n", errno);
Xiaotian Feng(dfeng@redhat.com) caught the bug. We fix it firstly checking
the availability of optlen and then dealing with the logic like other options.
Reported-by: Xiaotian Feng <dfeng@redhat.com>
Signed-off-by: Shan Wei <shanwei@cn.fujitsu.com>
Acked-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/ipv4/ip_sockglue.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c index fc7993e9061fd..5a0693576e821 100644 --- a/net/ipv4/ip_sockglue.c +++ b/net/ipv4/ip_sockglue.c @@ -611,6 +611,9 @@ static int do_ip_setsockopt(struct sock *sk, int level, * Check the arguments are allowable */ + if (optlen < sizeof(struct in_addr)) + goto e_inval; + err = -EFAULT; if (optlen >= sizeof(struct ip_mreqn)) { if (copy_from_user(&mreq, optval, sizeof(mreq))) |