ppp: reject claimed-as-LCP but actually malformed packets - linux/linux-stable.git

diff options

author	Dmitry Antipov <dmantipov@yandex.ru>	2024-07-08 14:56:15 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-07-18 11:39:37 +0200
commit	97d1efd8be26615ff680cdde86937d5943138f37 (patch)
tree	4ea1218680edd44c8faf0f9168ecf0c4b1d54991 /scripts/gcc-plugins/structleak_plugin.c
parent	1a2db00a554cfda57c397cce79b2804bf9633fec (diff)

ppp: reject claimed-as-LCP but actually malformed packets

[ Upstream commit f2aeb7306a898e1cbd03963d376f4b6656ca2b55 ] Since 'ppp_async_encode()' assumes valid LCP packets (with code from 1 to 7 inclusive), add 'ppp_check_packet()' to ensure that LCP packet has an actual body beyond PPP_LCP header bytes, and reject claimed-as-LCP but actually malformed data otherwise. Reported-by: syzbot+ec0723ba9605678b14bf@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=ec0723ba9605678b14bf Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru> Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Sasha Levin <sashal@kernel.org>

Diffstat (limited to 'scripts/gcc-plugins/structleak_plugin.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: