[packages/kernel] - fix for https://lkml.org/lkml/2015/12/14/252

[arekm]

commit 8194c37765e4786342d2f449096f5f2d34d67763
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Tue Dec 15 13:51:56 2015 +0100

    - fix for https://lkml.org/lkml/2015/12/14/252

 kernel-small_fixes.patch | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
---
diff --git a/kernel-small_fixes.patch b/kernel-small_fixes.patch
index a0928ee..01eef92 100644
--- a/kernel-small_fixes.patch
+++ b/kernel-small_fixes.patch
@@ -670,3 +670,42 @@ index 45dcbcb5c594..0975da8e3432 100644
 -- 
 2.6.2
 
+From 09ccfd238e5a0e670d8178cf50180ea81ae09ae1 Mon Sep 17 00:00:00 2001
+From: WANG Cong <xiyou.wangcong at gmail.com>
+Date: Mon, 14 Dec 2015 13:48:36 -0800
+Subject: pptp: verify sockaddr_len in pptp_bind() and pptp_connect()
+
+Reported-by: Dmitry Vyukov <dvyukov at gmail.com>
+Signed-off-by: Cong Wang <xiyou.wangcong at gmail.com>
+Signed-off-by: David S. Miller <davem at davemloft.net>
+---
+ drivers/net/ppp/pptp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
+index fc69e41..597c53e 100644
+--- a/drivers/net/ppp/pptp.c
++++ b/drivers/net/ppp/pptp.c
+@@ -419,6 +419,9 @@ static int pptp_bind(struct socket *sock, struct sockaddr *uservaddr,
+ 	struct pptp_opt *opt = &po->proto.pptp;
+ 	int error = 0;
+ 
++	if (sockaddr_len < sizeof(struct sockaddr_pppox))
++		return -EINVAL;
++
+ 	lock_sock(sk);
+ 
+ 	opt->src_addr = sp->sa_addr.pptp;
+@@ -440,6 +443,9 @@ static int pptp_connect(struct socket *sock, struct sockaddr *uservaddr,
+ 	struct flowi4 fl4;
+ 	int error = 0;
+ 
++	if (sockaddr_len < sizeof(struct sockaddr_pppox))
++		return -EINVAL;
++
+ 	if (sp->sa_protocol != PX_PROTO_PPTP)
+ 		return -EINVAL;
+ 
+-- 
+cgit v0.11.2
+
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/kernel.git/commitdiff/8194c37765e4786342d2f449096f5f2d34d67763