[PATCH net-next] udp: fix incorrect parameter validation in the udp_lib_getsockopt() function

From: Gavrilov Ilia
Date: Wed Mar 06 2024 - 05:05:52 EST

Next message: K Prateek Nayak: "Re: [RFC PATCH 00/14] Introducing TIF_NOTIFY_IPI flag"
Previous message: Petr Tesařík: "Re: [PATCH net v3] net: stmmac: protect updates of 64-bit statistics counters"
Next in thread: Willem de Bruijn: "Re: [PATCH net-next] udp: fix incorrect parameter validation in the udp_lib_getsockopt() function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The 'len' variable can't be negative because all 'min_t' parameters
cast to unsigned int, and then the minimum one is chosen.

To fix it, move the if statement higher.

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Gavrilov Ilia <Ilia.Gavrilov@xxxxxxxxxxx>
---
net/ipv4/udp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index e474b201900f..17231c0f8830 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -2792,11 +2792,11 @@ int udp_lib_getsockopt(struct sock *sk, int level, int optname,
if (get_user(len, optlen))
return -EFAULT;

- len = min_t(unsigned int, len, sizeof(int));
-
if (len < 0)
return -EINVAL;

+ len = min_t(unsigned int, len, sizeof(int));
+
switch (optname) {
case UDP_CORK:
val = udp_test_bit(CORK, sk);
--
2.39.2

Next message: K Prateek Nayak: "Re: [RFC PATCH 00/14] Introducing TIF_NOTIFY_IPI flag"
Previous message: Petr Tesařík: "Re: [PATCH net v3] net: stmmac: protect updates of 64-bit statistics counters"
Next in thread: Willem de Bruijn: "Re: [PATCH net-next] udp: fix incorrect parameter validation in the udp_lib_getsockopt() function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]