Commit a4f1bac6 authored Jul 26, 2005 by Herbert Xu Committed by David S. Miller Jul 26, 2005

[XFRM]: Fix possible overflow of sock->sk_policy



Spotted by, and original patch by, Balazs Scheidler.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent cadf01c2

net/xfrm/xfrm_user.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -1350,6 +1350,9 @@ static struct xfrm_policy *xfrm_compile_policy(u16 family, int opt,
		if (nr > XFRM_MAX_DEPTH)
		return NULL;

		if (p->dir > XFRM_POLICY_OUT)
		return NULL;

		xp = xfrm_policy_alloc(GFP_KERNEL);
		if (xp == NULL) {
		*dir = -ENOBUFS;