summaryrefslogtreecommitdiff
path: root/sound/parisc
diff options
context:
space:
mode:
authorOlaf Hering <olaf@aepfle.de>2013-08-07 13:07:21 (GMT)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2013-08-12 22:44:57 (GMT)
commit2bc41ea3b3fd4c2f2473ec84f4ee3ef5ff21e49b (patch)
treed4d4b6e5554887ee55d7340f3251757bb8992d21 /sound/parisc
parentd3b688c6622334e8460e808755d7d9c4a78c3ae5 (diff)
downloadlinux-fsl-qoriq-2bc41ea3b3fd4c2f2473ec84f4ee3ef5ff21e49b.tar.xz
Tools: hv: correct payload size in netlink_send
netlink_send is supposed to send just the cn_msg+hv_kvp_msg via netlink. Currently it sets an incorrect iovec size, as reported by valgrind. In the case of registering with the kernel the allocated buffer is large enough to hold nlmsghdr+cn_msg+hv_kvp_msg, no overrun happens. In the case of responding to the kernel the cn_msg is located in the middle of recv_buffer, after the nlmsghdr. Currently the code in netlink_send adds also the size of nlmsghdr to the payload. But nlmsghdr is a separate iovec. This leads to an (harmless) out-of-bounds access when the kernel processes the iovec. Correct the iovec size of the cn_msg to be just cn_msg + its payload. Signed-off-by: Olaf Hering <olaf@aepfle.de> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'sound/parisc')
0 files changed, 0 insertions, 0 deletions