4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Dmitry Safonov dima@arista.com
[ Upstream commit 7acf9d4237c46894e0fa0492dd96314a41742e84 ]
Make ABI more strict about subscribing to group > ngroups. Code doesn't check for that and it looks bogus. (one can subscribe to non-existing group) Still, it's possible to bind() to all possible groups with (-1)
Cc: "David S. Miller" davem@davemloft.net Cc: Herbert Xu herbert@gondor.apana.org.au Cc: Steffen Klassert steffen.klassert@secunet.com Cc: netdev@vger.kernel.org Signed-off-by: Dmitry Safonov dima@arista.com Signed-off-by: David S. Miller davem@davemloft.net Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- net/netlink/af_netlink.c | 1 + 1 file changed, 1 insertion(+)
--- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -976,6 +976,7 @@ static int netlink_bind(struct socket *s if (err) return err; } + groups &= (1UL << nlk->ngroups) - 1;
bound = nlk->bound; if (bound) {