Página inicial Explorar Ajuda
Registrar Entrar
phyus
/
linux-vybrid_public
8
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Ver código fonte

tipc: Prevent access of non-existent field in short message header

This patch eliminates a case where TIPC's link code could try reading
a field that is not present in a short message header.  (The random
value obtained was not being used, but the read operation could result
in an invalid memory access exception in extremely rare circumstances.)

Signed-off-by: Allan Stephens <allan.stephens@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Allan Stephens 17 anos atrás
pai
1265a02108
commit
9c396a7bfb
1 arquivos alterados com 3 adições e 1 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 3 1
      net/tipc/link.c

+ 3 - 1
net/tipc/link.c
Ver arquivo 

@@ -2674,10 +2674,12 @@ int tipc_link_send_long_buf(struct link *l_ptr, struct sk_buff *buf)
 
 	u32 pack_sz = link_max_pkt(l_ptr);
 
 	u32 fragm_sz = pack_sz - INT_H_SIZE;
 
 	u32 fragm_no = 1;
 
-	u32 destaddr = msg_destnode(inmsg);
 
+	u32 destaddr;
 
 
 	if (msg_short(inmsg))
 
 		destaddr = l_ptr->addr;
 
+	else
 
+		destaddr = msg_destnode(inmsg);
 
 
 	if (msg_routed(inmsg))
 
 		msg_set_prevnode(inmsg, tipc_own_addr);