[grsec] reject with 2.6.20.7
Carlos Carvalho
carlos at fisica.ufpr.br
Sun Apr 15 12:51:37 EDT 2007
I'm trying to use the lastest version with 2.6.20.7 and get this
reject in net/ipv6/raw.c:
*************** static int rawv6_sendmsg(struct kiocb *i
*** 690,696 ****
/* Rough check on arithmetic overflow,
better check is made in ip6_build_xmit
*/
- if (len < 0)
return -EMSGSIZE;
/* Mirror BSD error message compatibility */
--- 690,696 ----
/* Rough check on arithmetic overflow,
better check is made in ip6_build_xmit
*/
+ if ((ssize_t)len < 0)
return -EMSGSIZE;
/* Mirror BSD error message compatibility */
The new version changed the test:
/* Rough check on arithmetic overflow,
better check is made in ip6_append_data().
*/
if (len > INT_MAX)
return -EMSGSIZE;
It seems this hunk can just be removed, no?
More information about the grsecurity
mailing list