Dapper CVE-2010-3880, inet_diag: Make sure we actually run the same bytecode we audited

Brad Figg brad.figg at canonical.com
Wed Feb 9 21:05:28 UTC 2011


On 02/09/2011 01:04 PM, Tim Gardner wrote:
>> On 02/09/2011 01:40 PM, Brad Figg wrote:
>>>>> struct inet_diag_entry entry;
>>>>> - struct rtattr *bc = (struct rtattr *)(r + 1);
>>>>> + struct rtattr *bc = nlmsg_find_attr(cb->nlh, sizeof(*r),
>>>>> + INET_DIAG_REQ_BYTECODE);
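Review bot: On the + line, bc is still declared as struct rtattr * while it is assigned from nlmsg_find_attr(), which returns struct nlattr *; declare it as struct nlattr *bc so the pointer type matches the lookup and the netlink attribute accessors are used on it. nlmsg_find_attr() also returns NULL when the request carries no INET_DIAG_REQ_BYTECODE attribute, and the quoted lines show no check, so confirm that every later use of bc in this function is guarded by a NULL test.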
>>>
>>> In the other patches this was changed to:
>>> const struct nlattr *bc = nlmsg_find_attr(cb->nlh,
>>> sizeof(*r),
>>> INET_DIAG_REQ_BYTECODE);
>>>
>>>
>>
>> I dropped 'const' because the prototype for nlmsg_find_attr() doesn't
>> call for it in 2.6.15.
>>
>
> OK, I've corrected the type change from rtattr to nlattr.
>
> rtg

Acked-by: Brad Figg <brad.figg at canonical.com>

-- 
Brad Figg brad.figg at canonical.com http://www.canonical.com



