maxv ecab785878 Oh, what is this. Fix a remotely-triggerable integer overflow: the way we ... define TCPOLEN_SACK makes it unsigned, and the comparison in the while() is unsigned too. That's not the expected behavior, the original code wanted a signed comparison. It's pretty easy to make 'hlen' go negative and trigger a buffer overflow. This bug was reported 8 years ago by Lucio Albornoz in PR/44059.		2018-02-09 21:25:04 +00:00
..
net	Oh, what is this. Fix a remotely-triggerable integer overflow: the way we	2018-02-09 21:25:04 +00:00
netinet	Separate /dev/random pseudodevice implemenation from kernel entropy pool	2011-12-17 20:05:38 +00:00