net: check the length of the socket address passed to connect(2)

check the length of the socket address passed to connect(2). Check the length of the socket address passed to connect(2). If the length is invalid, -EINVAL will be returned. Signed-off-by: Changli Gao <xiaosuo@gmail.com> ---- net/bluetooth/l2cap.c | 3 ++- net/bluetooth/rfcomm/sock.c | 3 ++- net/bluetooth/sco.c | 3 ++- net/can/bcm.c | 3 +++ net/ieee802154/af_ieee802154.c | 3 +++ net/ipv4/af_inet.c | 5 +++++ net/netlink/af_netlink.c | 3 +++ 7 files changed, 20 insertions(+), 3 deletions(-) Signed-off-by: David S. Miller <davem@davemloft.net>
author: Changli Gao <xiaosuo@gmail.com> 2010-03-31 22:58:26 +0000
committer: David S. Miller <davem@davemloft.net> 2010-04-01 17:26:01 -0700
commit: 6503d96168f891ffa3b70ae6c9698a1a722025a0 (patch)
tree: 9fafcd9eb2c0b3feda0cf4c36e4167ba3028d83a /net/netlink
parent: a1d6f3f65512cc90a636e6ec653b7bc9e2238753 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index acbbae1e89b5..795424396aff 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -683,6 +683,9 @@ static int netlink_connect(struct socket *sock, struct sockaddr *addr,
 	struct netlink_sock *nlk = nlk_sk(sk);
 	struct sockaddr_nl *nladdr = (struct sockaddr_nl *)addr;
 
+	if (alen < sizeof(addr->sa_family))
+		return -EINVAL;
+
 	if (addr->sa_family == AF_UNSPEC) {
 		sk->sk_state	= NETLINK_UNCONNECTED;
 		nlk->dst_pid	= 0;
author	Changli Gao <xiaosuo@gmail.com>	2010-03-31 22:58:26 +0000
committer	David S. Miller <davem@davemloft.net>	2010-04-01 17:26:01 -0700
commit	6503d96168f891ffa3b70ae6c9698a1a722025a0 (patch)
tree	9fafcd9eb2c0b3feda0cf4c36e4167ba3028d83a /net/netlink
parent	a1d6f3f65512cc90a636e6ec653b7bc9e2238753 (diff)