usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input - nova.git

diff options

author	Shuah Khan <shuahkh@osg.samsung.com>	2017-12-07 14:16:48 -0700
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2017-12-08 17:32:23 +0100
commit	c6688ef9f29762e65bce325ef4acd6c675806366 (patch)
tree	083ad6fdada35ec3ccbe4c637f92cc210ad7f5d0 /drivers/usb/usbip/usbip_common.h
parent	635f545a7e8be7596b9b2b6a43cab6bbd5a88e43 (diff)

usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input

Harden CMD_SUBMIT path to handle malicious input that could trigger large memory allocations. Add checks to validate transfer_buffer_length and number_of_packets to protect against bad input requesting for unbounded memory allocations. Validate early in get_pipe() and return failure. Reported-by: Secunia Research <vuln@secunia.com> Cc: stable <stable@vger.kernel.org> Signed-off-by: Shuah Khan <shuahkh@osg.samsung.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'drivers/usb/usbip/usbip_common.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: