From: Oliver Hartkopp <socketcan@xxxxxxxxxxxx>
Date: Fri, 23 Jun 2017 19:36:12 +0200

> On 06/23/2017 07:32 PM, Julian Wiedmann wrote:
>> From: Mateusz Jurczyk <mjurczyk@xxxxxxxxxx>
>>
>> Verify that the caller-provided sockaddr structure is large enough to
>> contain the sa_family field, before accessing it in bind() and connect()
>> handlers of the AF_IUCV socket. Since neither syscall enforces a minimum
>> size of the corresponding memory region, very short sockaddrs (zero or
>> one byte long) result in operating on uninitialized memory while
>> referencing .sa_family.
>
> Won't it make sense to generally check the minimum length for .sa_family at a
> single point before fixing all called sites?

We had this discussion last week and we decided that putting it into the
handlers is the way to go for now.
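
The handler-side length check discussed in this thread, modelled in userspace as an added example (it is not the patch or kernel code). `demo_sockaddr`, `DEMO_AF`, `copy_in` and the handler names are hypothetical, and a pre-filled buffer stands in for uninitialized kernel memory.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-ins for illustration, not kernel definitions. */
typedef unsigned short demo_family_t;
#define DEMO_AF 32                       /* constructed family value */
struct demo_sockaddr { demo_family_t sa_family; char name[8]; };

/* Models the syscall layer: only addr_len caller bytes are copied into
 * the kernel buffer; bytes beyond them keep their previous content. */
static void copy_in(unsigned char *kbuf, const void *uaddr, size_t addr_len)
{
    memcpy(kbuf, uaddr, addr_len);
}

/* Handler without the check: reads sa_family regardless of addr_len. */
int bind_unchecked(const unsigned char *kbuf, size_t addr_len)
{
    demo_family_t fam;
    (void)addr_len;
    memcpy(&fam, kbuf, sizeof(fam));
    return fam == DEMO_AF ? 0 : -EINVAL;
}

/* Handler with the check: reject addresses too short to hold sa_family. */
int bind_checked(const unsigned char *kbuf, size_t addr_len)
{
    demo_family_t fam;
    if (addr_len < offsetof(struct demo_sockaddr, sa_family) + sizeof(fam))
        return -EINVAL;
    memcpy(&fam, kbuf, sizeof(fam));
    return fam == DEMO_AF ? 0 : -EINVAL;
}

/* Runs one bind() over a buffer whose first bytes hold `stale`, the
 * simulated leftover from an earlier use of the same memory. */
int demo_bind(int checked, const struct demo_sockaddr *ua, size_t addr_len,
              demo_family_t stale)
{
    unsigned char kbuf[sizeof(struct demo_sockaddr)] = {0};
    if (addr_len > sizeof(kbuf))
        return -EINVAL;
    memcpy(kbuf, &stale, sizeof(stale));
    copy_in(kbuf, ua, addr_len);
    return checked ? bind_checked(kbuf, addr_len)
                   : bind_unchecked(kbuf, addr_len);
}
```

With a zero-length address the unchecked handler's result follows whatever the buffer held before, while the checked handler returns `-EINVAL` independent of it.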