sctp: Prevent TOCTOU out-of-bounds write - wireguard-linux

diff options

author	Stefan Wiehler <stefan.wiehler@nokia.com>	2025-10-28 17:12:27 +0100
committer	Jakub Kicinski <kuba@kernel.org>	2025-11-03 17:09:36 -0800
commit	95aef86ab231f047bb8085c70666059b58f53c09 (patch)
tree	71e9e90a09c4d9926620e14602efb477e7ddc016 /scripts/basic/git:/ssh:/git@git.zx2c4.com
parent	sctp: Hold RCU read lock while iterating over address list (diff)
download	wireguard-linux-95aef86ab231f047bb8085c70666059b58f53c09.tar.xz wireguard-linux-95aef86ab231f047bb8085c70666059b58f53c09.zip

sctp: Prevent TOCTOU out-of-bounds write

For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use). Suggested-by: Kuniyuki Iwashima <kuniyu@google.com> Fixes: 8f840e47f190 ("sctp: add the sctp_diag.c file") Signed-off-by: Stefan Wiehler <stefan.wiehler@nokia.com> Reviewed-by: Kuniyuki Iwashima <kuniyu@google.com> Acked-by: Xin Long <lucien.xin@gmail.com> Link: https://patch.msgid.link/20251028161506.3294376-3-stefan.wiehler@nokia.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Diffstat (limited to 'scripts/basic/git:/ssh:/git@git.zx2c4.com')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: