linux-sg2042/net/sctp
Jakub Audykowicz afd0a8006e sctp: frag_point sanity check
If for some reason an association's fragmentation point is zero,
sctp_datamsg_from_user will try to endlessly try to divide a message
into zero-sized chunks. This eventually causes kernel panic due to
running out of memory.

Although this situation is quite unlikely, it has occurred before as
reported. I propose to add this simple last-ditch sanity check due to
the severity of the potential consequences.

Signed-off-by: Jakub Audykowicz <jakub.audykowicz@gmail.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-05 20:37:52 -08:00
..
Kconfig sctp: whitespace fixes 2018-07-24 14:10:42 -07:00
Makefile sctp: rename sctp_diag.c as diag.c 2018-02-13 13:56:31 -05:00
associola.c sctp: kfree_rcu asoc 2018-12-03 15:54:41 -08:00
auth.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
bind_addr.c sctp: remove the typedef sctp_scope_t 2017-08-06 21:33:41 -07:00
chunk.c sctp: frag_point sanity check 2018-12-05 20:37:52 -08:00
debug.c sctp: add SCTP_CID_I_DATA and SCTP_CID_I_FWD_TSN conversion in sctp_cname 2018-02-12 11:40:01 -05:00
diag.c sctp: add file comments in diag.c 2018-02-13 13:56:31 -05:00
endpointola.c treewide: Use struct_size() for kmalloc()-family 2018-06-06 11:15:43 -07:00
input.c sctp: use the pmtu from the icmp packet to update transport pathmtu 2018-10-15 22:54:20 -07:00
inqueue.c sctp: fix the issue that the cookie-ack with auth can't get processed 2018-05-02 11:15:33 -04:00
ipv6.c sctp: check for ipv6_pinfo legal sndflow with flowlabel in sctp_v6_get_dst 2018-07-04 11:36:54 +09:00
objcnt.c proc: introduce proc_create_seq{,_data} 2018-05-16 07:23:35 +02:00
offload.c net: use skb_is_gso_sctp() instead of open-coding 2018-03-09 11:41:47 -05:00
output.c sctp: increase sk_wmem_alloc when head->truesize is increased 2018-11-27 15:42:31 -08:00
outqueue.c sctp: define SCTP_SS_DEFAULT for Stream schedulers 2018-11-03 19:40:29 -07:00
primitive.c sctp: remove the typedef sctp_subtype_t 2017-08-06 21:33:42 -07:00
proc.c sctp: remove useless start_fail from sctp_ht_iter in proc 2018-08-27 15:13:17 -07:00
protocol.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
sm_make_chunk.c sctp: update frag_point when stream_interleave is set 2018-11-30 13:12:43 -08:00
sm_sideeffect.c sctp: whitespace fixes 2018-07-24 14:10:42 -07:00
sm_statefuns.c sctp: delay the authentication for the duplicated cookie-echo chunk 2018-05-07 23:39:10 -04:00
sm_statetable.c sctp: implement validate_ftsn for sctp_stream_interleave 2017-12-15 13:52:22 -05:00
socket.c sctp: frag_point sanity check 2018-12-05 20:37:52 -08:00
stream.c sctp: not increase stream's incnt before sending addstrm_in request 2018-11-19 14:46:32 -08:00
stream_interleave.c net/sctp: Make wrappers for accessing in/out streams 2018-08-11 12:25:15 -07:00
stream_sched.c net/sctp: Make wrappers for accessing in/out streams 2018-08-11 12:25:15 -07:00
stream_sched_prio.c net/sctp: Make wrappers for accessing in/out streams 2018-08-11 12:25:15 -07:00
stream_sched_rr.c net/sctp: Make wrappers for accessing in/out streams 2018-08-11 12:25:15 -07:00
sysctl.c sctp: support sysctl to allow users to use stream interleave 2017-12-15 13:52:22 -05:00
transport.c sctp: update dst pmtu with the correct daddr 2018-09-20 11:29:30 -07:00
tsnmap.c sctp: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
ulpevent.c sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg 2018-05-10 17:48:36 -04:00
ulpqueue.c sctp: Use skb_queue_is_first(). 2018-09-10 10:06:53 -07:00