kernel-ark/include/net
Al Viro 8920e8f94c [PATCH] Fix 32bit sendmsg() flaw
When we copy 32bit ->msg_control contents to kernel, we walk the same
userland data twice without sanity checks on the second pass.

Second version of this patch: the original broke with 64-bit arches
running 32-bit-compat-mode executables doing sendmsg() syscalls with
unaligned CMSG data areas

Another thing is that we use kmalloc() to allocate and sock_kfree_s()
to free afterwards; less serious, but also needs fixing.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-08 08:14:11 -07:00
..
bluetooth
irda
sctp
tc_act
act_api.h
act_generic.h
addrconf.h
af_unix.h
ah.h
arp.h
atmclip.h
ax25.h
checksum.h
compat.h [PATCH] Fix 32bit sendmsg() flaw 2005-09-08 08:14:11 -07:00
datalink.h
dn_dev.h
dn_fib.h
dn_neigh.h
dn_nsp.h
dn_route.h
dn.h
dsfield.h
dst.h
esp.h
flow.h
gen_stats.h
icmp.h
ieee80211_crypt.h
ieee80211.h
if_inet6.h
inet6_hashtables.h
inet_common.h
inet_connection_sock.h
inet_ecn.h
inet_hashtables.h
inet_timewait_sock.h
inetpeer.h
ip6_checksum.h
ip6_fib.h
ip6_route.h
ip6_tunnel.h
ip_fib.h
ip_mp_alg.h
ip_vs.h
ip.h
ipcomp.h
ipconfig.h
ipip.h
ipv6.h
ipx.h
iw_handler.h
lapb.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
ndisc.h
neighbour.h
netrom.h
p8022.h
pkt_act.h
pkt_cls.h
pkt_sched.h
protocol.h
psnap.h
raw.h
rawv6.h
request_sock.h
rose.h
route.h
sch_generic.h
scm.h
slhc_vj.h
snmp.h
sock.h
syncppp.h
tcp_ecn.h
tcp_states.h
tcp.h
transp_v6.h
udp.h
x25.h
x25device.h
xfrm.h