Re: [PATCH v2] af_key: pfkey_dump needs parameter validation

On Wed, Jul 22, 2020 at 04:00:53AM -0700, Mark Salyzyn wrote: > In pfkey_dump() dplen and splen can both be specified to access the > xfrm_address_t structure out of bounds in__xfrm_state_filter_match() > when it calls addr_match() with the indexes. Return EINVAL if either > are out of range. > >

[PATCH v2] af_key: pfkey_dump needs parameter validation

In pfkey_dump() dplen and splen can both be specified to access the xfrm_address_t structure out of bounds in__xfrm_state_filter_match() when it calls addr_match() with the indexes. Return EINVAL if either are out of range. Signed-off-by: Mark Salyzyn Cc: netdev@vger.kernel.org Cc: linux-ker...@