Skip to content
Snippets Groups Projects
Commit 8742dc86 authored by Steffen Klassert's avatar Steffen Klassert
Browse files

xfrm4: Fix uninitialized memory read in _decode_session4 


We currently don't reload pointers pointing into skb header
after doing pskb_may_pull() in _decode_session4(). So in case
pskb_may_pull() changed the pointers, we read from random
memory. Fix this by putting all the needed infos on the
stack, so that we don't need to access the header pointers
after doing pskb_may_pull().

Fixes: 1da177e4 ("Linux-2.6.12-rc2")
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent 025c65e1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 13 additions and 11 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment