>
> Hmm, we should exclude the raw socket case, something like the
> following, but I am not sure if the check is too strict or not, also
> not sure if we should return an error for this raw socket case.
No, SOF_TIMESTAMPING_OPT_ID with SOCK_RAW/IPPROTO_TCP
is legitimate. It should fall through to
On Wed, Dec 16, 2015 at 12:22 PM, Cong Wang wrote:
> Hmm, we should exclude the raw socket case, something like the
> following, but I am not sure if the check is too strict or not, also
> not sure if we should return an error for this raw socket case.
>
> diff --git a/net/core/sock.c b/net/core/
On Wed, Dec 16, 2015 at 11:34 AM, Dmitry Vyukov wrote:
> BUG: KASAN: slab-out-of-bounds in sock_setsockopt+0x1284/0x13d0 at
> addr 88006563ec10
> Read of size 4 by task syzkaller_execu/4755
> =
> BUG RAWv6 (Not tainted
Hello,
The following program triggers heap-out-of-bounds access in sock_setsockopt:
// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include
#include
#include
#include
#include
#include
#include
#define SOF_TIMESTAMPING_OPT_ID (1<<7)
int main()
{
int fd = socke
