diff options
| author | Colin Percival <cperciva@FreeBSD.org> | 2009-06-10 10:31:11 +0000 |
|---|---|---|
| committer | Colin Percival <cperciva@FreeBSD.org> | 2009-06-10 10:31:11 +0000 |
| commit | 1baa48a657c12243a988556dba78f381710cf60f (patch) | |
| tree | 56606fcfbc43ee183c8614f32bf6f19c51129fd5 /sys/netinet6/in6.c | |
| parent | 54055718ff5134ddd61afc4c5f01440022040a06 (diff) | |
| download | src-1baa48a657c12243a988556dba78f381710cf60f.tar.gz src-1baa48a657c12243a988556dba78f381710cf60f.zip | |
Prevent integer overflow in direct pipe write code from circumventing
virtual-to-physical page lookups. [09:09]
Add missing permissions check for SIOCSIFINFO_IN6 ioctl. [09:10]
Fix buffer overflow in "autokey" negotiation in ntpd(8). [09:11]
Approved by: so (cperciva)
Approved by: re (not really, but SVN wants this...)
Security: FreeBSD-SA-09:09.pipe
Security: FreeBSD-SA-09:10.ipv6
Security: FreeBSD-SA-09:11.ntpd
Notes
Notes:
svn path=/releng/7.2/; revision=193893
Diffstat (limited to 'sys/netinet6/in6.c')
| -rw-r--r-- | sys/netinet6/in6.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c index 98dafbb540c0..39a8b39f846b 100644 --- a/sys/netinet6/in6.c +++ b/sys/netinet6/in6.c @@ -354,6 +354,7 @@ in6_control(struct socket *so, u_long cmd, caddr_t data, case SIOCSRTRFLUSH_IN6: case SIOCSDEFIFACE_IN6: case SIOCSIFINFO_FLAGS: + case SIOCSIFINFO_IN6: if (td != NULL) { error = priv_check(td, PRIV_NETINET_ND6); if (error) @@ -362,7 +363,6 @@ in6_control(struct socket *so, u_long cmd, caddr_t data, /* FALLTHROUGH */ case OSIOCGIFINFO_IN6: case SIOCGIFINFO_IN6: - case SIOCSIFINFO_IN6: case SIOCGDRLST_IN6: case SIOCGPRLST_IN6: case SIOCGNBRINFO_IN6: |