[07/11] llc: use limited socket backlog CVE-2010-4251

Message ID 1310394020-4846-8-git-send-email-paolo.pisati@canonical.com
State New
Headers show

Commit Message

Paolo Pisati July 11, 2011, 2:20 p.m.
From: Zhu Yi <yi.zhu@intel.com>

BugLink: http://bugs.launchpad.net/bugs/807462

Make llc adapt to the limited socket backlog change.

Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Signed-off-by: Zhu Yi <yi.zhu@intel.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 79545b681961d7001c1f4c3eb9ffb87bed4485db)

Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
 net/llc/llc_conn.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)


diff --git a/net/llc/llc_conn.c b/net/llc/llc_conn.c
index c6bab39..8f97546 100644
--- a/net/llc/llc_conn.c
+++ b/net/llc/llc_conn.c
@@ -756,7 +756,8 @@  void llc_conn_handler(struct llc_sap *sap, struct sk_buff *skb)
 	else {
 		dprintk("%s: adding to backlog...\n", __func__);
 		llc_set_backlog_type(skb, LLC_PACKET);
-		sk_add_backlog(sk, skb);
+		if (sk_add_backlog_limited(sk, skb))
+			goto drop_unlock;