r2508 - in trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series
Joshua Kwan
joshk@costa.debian.org
Thu, 17 Feb 2005 20:30:13 +0100
Author: joshk
Date: 2005-02-17 20:30:12 +0100 (Thu, 17 Feb 2005)
New Revision: 2508
Added:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/135_fix_ip_options_leak.diff
Modified:
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9
Log:
[CAN-2004-1335] fix leak of IP options data
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-02-17 19:15:44 UTC (rev 2507)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog 2005-02-17 19:30:12 UTC (rev 2508)
@@ -8,11 +8,14 @@
* Updated apply script so it can handle point versions
(Simon Horman)
-
+
* 134_skb_reset_ip_summed.diff: resolve checksumming exploit in
fragmented packet forwarding (Joshua Kwan)
+
+ * 135_fix_ip_options_leak.diff: [CAN-2004-1335] fix leak of IP options
+ data.
- -- Joshua Kwan <joshk@triplehelix.org> Wed, 16 Feb 2005 16:06:48 -0800
+ -- Joshua Kwan <joshk@triplehelix.org> Thu, 17 Feb 2005 11:29:09 -0800
kernel-source-2.4.27 (2.4.27-8) unstable; urgency=high
Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/135_fix_ip_options_leak.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/135_fix_ip_options_leak.diff 2005-02-17 19:15:44 UTC (rev 2507)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/135_fix_ip_options_leak.diff 2005-02-17 19:30:12 UTC (rev 2508)
@@ -0,0 +1,35 @@
+# origin: bk
+# key: 41b766beodCDEFPbjDRLoUUUxw4Z6w (linux-2.4)
+# description: Do not leak IP options.
+# inclusion: backport from 2.4.29
+# revision date: 2005-02-17
+
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2004/12/08 12:40:30-08:00 davem@nuts.davemloft.net
+# [IPV4]: Do not leak IP options.
+#
+# If the user makes ip_cmsg_send call ip_options_get
+# multiple times, we leak kmalloced IP options data.
+#
+# Noticed by Georgi Guninski.
+#
+# Signed-off-by: David S. Miller <davem@davemloft.net>
+#
+# net/ipv4/ip_options.c
+# 2004/12/08 12:40:12-08:00 davem@nuts.davemloft.net +2 -0
+# [IPV4]: Do not leak IP options.
+#
+diff -Nru a/net/ipv4/ip_options.c b/net/ipv4/ip_options.c
+--- a/net/ipv4/ip_options.c 2005-02-17 11:29:02 -08:00
++++ b/net/ipv4/ip_options.c 2005-02-17 11:29:02 -08:00
+@@ -514,6 +514,8 @@
+ kfree(opt);
+ return -EINVAL;
+ }
++ if (*optp)
++ kfree(*optp);
+ *optp = opt;
+ return 0;
+ }
Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9 2005-02-17 19:15:44 UTC (rev 2507)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-9 2005-02-17 19:30:12 UTC (rev 2508)
@@ -1 +1,2 @@
+ 134_skb_reset_ip_summed.diff
++ 135_fix_ip_options_leak.diff