/[linux-patches]/genpatches-2.6/trunk/2.6.14/1069_5_bridge-nf-ipv6-length-check.patch
Gentoo

Contents of /genpatches-2.6/trunk/2.6.14/1069_5_bridge-nf-ipv6-length-check.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 235 - (show annotations) (download) (as text)
Thu Dec 29 16:17:24 2005 UTC (14 years, 11 months ago) by dsd
File MIME type: text/x-diff
File size: 1801 byte(s)
2.6.14.5 thanks to kerframil
1 From: Bart De Schuymer <bdschuym@pandora.be>
2 Date: Tue, 20 Dec 2005 01:00:13 +0000 (-0800)
3 Subject: [PATCH] Fix bridge-nf ipv6 length check
4 X-Git-Url: http://kernel.org/git/?p=linux/kernel/git/gregkh/linux-2.6.14.y.git;a=commitdiff;h=a7508849e7d21b89010539d54359ef8f3d89e8ec
5
6 [PATCH] Fix bridge-nf ipv6 length check
7
8 A typo caused some bridged IPv6 packets to get dropped randomly,
9 as reported by Sebastien Chaumontet. The patch below fixes this
10 (using skb->nh.raw instead of raw) and also makes the jumbo packet
11 length checking up-to-date with the code in
12 net/ipv6/exthdrs.c::ipv6_hop_jumbo.
13
14 Signed-off-by: Bart De Schuymer <bdschuym@pandora.be>
15 Signed-off-by: David S. Miller <davem@davemloft.net>
16 Signed-off-by: Chris Wright <chrisw@redhat.com>
17 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
18 ---
19
20 --- a/net/bridge/br_netfilter.c
21 +++ b/net/bridge/br_netfilter.c
22 @@ -295,7 +295,7 @@ static int check_hbh_len(struct sk_buff
23 len -= 2;
24
25 while (len > 0) {
26 - int optlen = raw[off+1]+2;
27 + int optlen = skb->nh.raw[off+1]+2;
28
29 switch (skb->nh.raw[off]) {
30 case IPV6_TLV_PAD0:
31 @@ -308,18 +308,15 @@ static int check_hbh_len(struct sk_buff
32 case IPV6_TLV_JUMBO:
33 if (skb->nh.raw[off+1] != 4 || (off&3) != 2)
34 goto bad;
35 -
36 pkt_len = ntohl(*(u32*)(skb->nh.raw+off+2));
37 -
38 + if (pkt_len <= IPV6_MAXPLEN ||
39 + skb->nh.ipv6h->payload_len)
40 + goto bad;
41 if (pkt_len > skb->len - sizeof(struct ipv6hdr))
42 goto bad;
43 - if (pkt_len + sizeof(struct ipv6hdr) < skb->len) {
44 - if (__pskb_trim(skb,
45 - pkt_len + sizeof(struct ipv6hdr)))
46 - goto bad;
47 - if (skb->ip_summed == CHECKSUM_HW)
48 - skb->ip_summed = CHECKSUM_NONE;
49 - }
50 + if (pskb_trim_rcsum(skb,
51 + pkt_len+sizeof(struct ipv6hdr)))
52 + goto bad;
53 break;
54 default:
55 if (optlen > len)

  ViewVC Help
Powered by ViewVC 1.1.20