Patch "batman-adv: properly check pskb_may_pull return value" has been added to the 3.13-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    batman-adv: properly check pskb_may_pull return value

to the 3.13-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     batman-adv-properly-check-pskb_may_pull-return-value.patch
and it can be found in the queue-3.13 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Thu Feb 27 20:11:26 PST 2014
From: Antonio Quartulli <antonio@xxxxxxxxxxxxxx>
Date: Thu, 30 Jan 2014 00:12:24 +0100
Subject: batman-adv: properly check pskb_may_pull return value

From: Antonio Quartulli <antonio@xxxxxxxxxxxxxx>

[ Upstream commit f1791425cf0bcda43ab9a9a37df1ad3ccb1f6654 ]

pskb_may_pull() returns 1 on success and 0 in case of failure,
therefore checking for the return value being negative does
not make sense at all.

This way if the function fails we will probably read beyond the current
skb data buffer. Fix this by doing the proper check.

Signed-off-by: Antonio Quartulli <antonio@xxxxxxxxxxxxxx>
Signed-off-by: Marek Lindner <mareklindner@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 net/batman-adv/routing.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -833,7 +833,7 @@ static int batadv_check_unicast_ttvn(str
 	int is_old_ttvn;
 
 	/* check if there is enough data before accessing it */
-	if (pskb_may_pull(skb, hdr_len + ETH_HLEN) < 0)
+	if (!pskb_may_pull(skb, hdr_len + ETH_HLEN))
 		return 0;
 
 	/* create a copy of the skb (in case of for re-routing) to modify it. */


Patches currently in stable-queue which might be from antonio@xxxxxxxxxxxxxx are

queue-3.13/batman-adv-fix-soft-interface-mtu-computation.patch
queue-3.13/batman-adv-avoid-double-free-when-orig_node-initialization-fails.patch
queue-3.13/batman-adv-fix-potential-orig_node-reference-leak.patch
queue-3.13/batman-adv-release-vlan-object-after-checking-the-crc.patch
queue-3.13/batman-adv-fix-potential-kernel-paging-error-for-unicast-transmissions.patch
queue-3.13/batman-adv-properly-check-pskb_may_pull-return-value.patch
queue-3.13/batman-adv-fix-tt-tvlv-parsing-on-ogm-reception.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]