Commit 7863c9f3 authored by Guangguan Wang's avatar Guangguan Wang Committed by David S. Miller
Browse files

net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg 



When receiving proposal msg in server, the fields v2_ext_offset/
eid_cnt/ism_gid_cnt in proposal msg are from the remote client
and can not be fully trusted. Especially the field v2_ext_offset,
once exceed the max value, there has the chance to access wrong
address, and crash may happen.

This patch checks the fields v2_ext_offset/eid_cnt/ism_gid_cnt
before using them.

Fixes: 8c3dca34 ("net/smc: build and send V2 CLC proposal")
Signed-off-by: default avatarGuangguan Wang <guangguan.wang@linux.alibaba.com>
Reviewed-by: default avatarWen Gu <guwen@linux.alibaba.com>
Reviewed-by: default avatarD. Wythe <alibuda@linux.alibaba.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent a29e220d
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment