From: Marcelo Ricardo Leitner > Sent: 30 November 2015 16:33 > Dmitry Vyukov reported that the user could trigger a kernel warning by > using a large len value for getsockopt SCTP_GET_LOCAL_ADDRS, as that > value directly affects the value used as a kmalloc() parameter. > > This patch thus switches the allocation flags from all user-controllable > kmalloc size to GFP_USER to put some more restrictions on it and also > disables the warn, as they are not necessary. ISTM that the code should put some 'sanity limit' on that size before allocating the kernel buffer. David -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
