[kernel] r12671 - dists/etch-security/linux-2.6/debian/patches/bugfix/all

Dann Frazier dannf at alioth.debian.org
Mon Feb 2 18:52:44 UTC 2009 

Author: dannf
Date: Mon Feb  2 18:52:41 2009
New Revision: 12671

Log:
adjust to apply to correct functions

Modified:
   dists/etch-security/linux-2.6/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch

Modified: dists/etch-security/linux-2.6/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch	(original)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/sctp-avoid-memory-overflow.patch	Mon Feb  2 18:52:41 2009
@@ -28,20 +28,19 @@
 Adjusted to apply to Debian's 2.6.18 by dann frazier <dannf at debian.org>
 
 diff -urpN linux-source-2.6.18.orig/net/sctp/sm_statefuns.c linux-source-2.6.18/net/sctp/sm_statefuns.c
---- linux-source-2.6.18.orig/net/sctp/sm_statefuns.c	2008-10-13 09:28:32.000000000 -0600
-+++ linux-source-2.6.18/net/sctp/sm_statefuns.c	2009-01-13 22:22:46.000000000 -0700
-@@ -3466,6 +3466,8 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
+--- linux-source-2.6.18.orig/net/sctp/sm_statefuns.c	2008-12-25 14:04:12.000000000 -0700
++++ linux-source-2.6.18/net/sctp/sm_statefuns.c	2009-02-02 11:51:26.000000000 -0700
+@@ -3406,6 +3406,7 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn(c
  {
  	struct sctp_chunk *chunk = arg;
  	struct sctp_fwdtsn_hdr *fwdtsn_hdr;
 +	struct sctp_fwdtsn_skip *skip;
-+	struct sctp_fwdtsn_skip *skip;
  	__u16 len;
  	__u32 tsn;
  
-@@ -3495,6 +3497,18 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
+@@ -3435,6 +3436,12 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn(c
  	if (sctp_tsnmap_check(&asoc->peer.tsn_map, tsn) < 0)
- 		goto gen_shutdown;
+ 		goto discard_noforce;
  
 +	/* Silently discard the chunk if stream-id is not valid */
 +	sctp_walk_fwdtsn(skip, chunk) {
@@ -49,6 +48,21 @@
 +			goto discard_noforce;
 +	}
 +
+ 	sctp_add_cmd_sf(commands, SCTP_CMD_REPORT_FWDTSN, SCTP_U32(tsn));
+ 	if (len > sizeof(struct sctp_fwdtsn_hdr))
+ 		sctp_add_cmd_sf(commands, SCTP_CMD_PROCESS_FWDTSN, 
+@@ -3466,6 +3473,7 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
+ {
+ 	struct sctp_chunk *chunk = arg;
+ 	struct sctp_fwdtsn_hdr *fwdtsn_hdr;
++	struct sctp_fwdtsn_skip *skip;
+ 	__u16 len;
+ 	__u32 tsn;
+ 
+@@ -3495,6 +3503,12 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_f
+ 	if (sctp_tsnmap_check(&asoc->peer.tsn_map, tsn) < 0)
+ 		goto gen_shutdown;
+ 
 +	/* Silently discard the chunk if stream-id is not valid */
 +	sctp_walk_fwdtsn(skip, chunk) {
 +		if (ntohs(skip->stream) >= asoc->c.sinit_max_instreams)

More information about the Kernel-svn-changes mailing list