git://git.onelab.eu
/
linux-2.6.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
b503c75
)
- merge revision 1.3
author
Mark Huang
<mlhuang@cs.princeton.edu>
Thu, 27 Jan 2005 20:45:09 +0000
(20:45 +0000)
committer
Mark Huang
<mlhuang@cs.princeton.edu>
Thu, 27 Jan 2005 20:45:09 +0000
(20:45 +0000)
date: 2005/01/19 22:42:27; author: mef; state: Exp; lines: +1 -3
Fixes CAN-2004 security reports 1016, 1017, and 1068
net/core/scm.c
patch
|
blob
|
history
diff --git
a/net/core/scm.c
b/net/core/scm.c
index
3699df3
..
a2ebf30
100644
(file)
--- a/
net/core/scm.c
+++ b/
net/core/scm.c
@@
-127,9
+127,7
@@
int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *p)
for too short ancillary data object at all! Oops.
OK, let's add it...
*/
- if (cmsg->cmsg_len < sizeof(struct cmsghdr) ||
- (unsigned long)(((char*)cmsg - (char*)msg->msg_control)
- + cmsg->cmsg_len) > msg->msg_controllen)
+ if (!CMSG_OK(msg, cmsg))
goto error;
if (cmsg->cmsg_level != SOL_SOCKET)