totemsrp: Check size of orf_token msg
ea7d0a01337dUnpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

totemsrp: Check size of orf_token msg

orf_token message is stored into preallocated array on endian convert
so carefully crafted malicious message can lead to crash of corosync.

Solution is to check message size beforehand.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>

Provenance

jfriesse

Authored on Mon, Mar 24, 7:05 AM

Parents

rC73ba225cc48e: totemknet: Handle new knet2 datafd API

Branches

Unknown

Tags

Unknown

Path

Size

exec/