Validate that user supplied control message length is not negative.
Submitted by: C Turt <cturt hardenedbsd.org> Security: SA-16:19 Security: CVE-2016-1887
This commit is contained in:
parent
c9d2719027
commit
7349ea785c
@ -1699,6 +1699,9 @@ sockargs(mp, buf, buflen, type)
|
||||
struct mbuf *m;
|
||||
int error;
|
||||
|
||||
if (buflen < 0)
|
||||
return (EINVAL);
|
||||
|
||||
if (buflen > MLEN) {
|
||||
#ifdef COMPAT_OLDSOCK
|
||||
if (type == MT_SONAME && buflen <= 112)
|
||||
|
Loading…
Reference in New Issue
Block a user