Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit 51f9cc1ff8aa0866ff8fb3c06be4c64b5edbb2e8

Authored by Allan Stephens
Committed by David S. Miller
1 parent a3b0a5a9d0
Exists in master and in 7 other branches imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-l5.0.0_1.0.0-ga

[TIPC]: Optimized argument validation done by connect(). 

Signed-off-by: Allan Stephens <allan.stephens@windriver.com>
Signed-off-by: Per Liden <per.liden@ericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Showing 1 changed file with 13 additions and 4 deletions Side-by-side Diff

... ... @@ -455,7 +455,8 @@
455 455  
456 456 if (unlikely(!dest))
457 457 return -EDESTADDRREQ;
458   - if (unlikely(dest->family != AF_TIPC))
  458 + if (unlikely((m->msg_namelen < sizeof(*dest)) ||
  459 + (dest->family != AF_TIPC)))
459 460 return -EINVAL;
460 461  
461 462 needs_conn = (sock->state != SS_READY);
... ... @@ -1245,7 +1246,8 @@
1245 1246 if (sock->state == SS_READY)
1246 1247 return -EOPNOTSUPP;
1247 1248  
1248   - /* MOVE THE REST OF THIS ERROR CHECKING TO send_msg()? */
  1249 + /* Issue Posix-compliant error code if socket is in the wrong state */
  1250 +
1249 1251 if (sock->state == SS_LISTENING)
1250 1252 return -EOPNOTSUPP;
1251 1253 if (sock->state == SS_CONNECTING)
1252 1254  
... ... @@ -1253,13 +1255,20 @@
1253 1255 if (sock->state != SS_UNCONNECTED)
1254 1256 return -EISCONN;
1255 1257  
1256   - if ((destlen < sizeof(*dst)) || (dst->family != AF_TIPC) ||
1257   - ((dst->addrtype != TIPC_ADDR_NAME) && (dst->addrtype != TIPC_ADDR_ID)))
  1258 + /*
  1259 + * Reject connection attempt using multicast address
  1260 + *
  1261 + * Note: send_msg() validates the rest of the address fields,
  1262 + * so there's no need to do it here
  1263 + */
  1264 +
  1265 + if (dst->addrtype == TIPC_ADDR_MCAST)
1258 1266 return -EINVAL;
1259 1267  
1260 1268 /* Send a 'SYN-' to destination */
1261 1269  
1262 1270 m.msg_name = dest;
  1271 + m.msg_namelen = destlen;
1263 1272 if ((res = send_msg(NULL, sock, &m, 0)) < 0) {
1264 1273 sock->state = SS_DISCONNECTING;
1265 1274 return res;