Commit 4bdd4499 authored Jan 15, 2025 by Nikita Zhandarovich Committed by Greg Kroah-Hartman Mar 13, 2025

net/rose: prevent integer overflows in rose_setsockopt()



[ Upstream commit d6406276 ]

In case of possible unpredictably large arguments passed to
rose_setsockopt() and multiplied by extra values on top of that,
integer overflows may occur.

Do the safest minimum and fix these issues by checking the
contents of 'opt' and returning -EINVAL if they are too large. Also,
switch to unsigned int and remove useless check for negative 'opt'
in ROSE_IDLE case.

Fixes: 1da177e4 ("Linux-2.6.12-rc2")
Signed-off-by: Nikita Zhandarovich <n.zhandarovich@fintech.ru>
Link: https://patch.msgid.link/20250115164220.19954-1-n.zhandarovich@fintech.ru


Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 321990fd

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit f2b154db
· Nov 05, 2025

mentioned in commit f2b154db

mentioned in commit f2b154db6f931fdc2e65c1b0eeaf67f5a74f78be

Toggle commit list

Please to comment