udp: fix integer overflow while computing available space in sk_rcvbuf - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Antonio Messina <amessina@google.com>	2019-12-19 15:08:03 +0100
committer	David S. Miller <davem@davemloft.net>	2019-12-24 14:52:39 -0800
commit	feed8a4fc9d46c3126fb9fcae0e9248270c6321a (patch)
tree	af3b520fba6a979b12c0fb470dc697a827725b06 /tools
parent	c60174717544aa8959683d7e19d568309c3a0c65 (diff)
download	linux-feed8a4fc9d46c3126fb9fcae0e9248270c6321a.tar.bz2

udp: fix integer overflow while computing available space in sk_rcvbuf

When the size of the receive buffer for a socket is close to 2^31 when computing if we have enough space in the buffer to copy a packet from the queue to the buffer we might hit an integer overflow. When an user set net.core.rmem_default to a value close to 2^31 UDP packets are dropped because of this overflow. This can be visible, for instance, with failure to resolve hostnames. This can be fixed by casting sk_rcvbuf (which is an int) to unsigned int, similarly to how it is done in TCP. Signed-off-by: Antonio Messina <amessina@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'tools')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: