| commit | 50038a29ee9d62aba6e66109d0b9c235bc0e31e2 | |
| author | Eric Dumazet <eric.dumazet@gmail.com> | |
| Thu, 14 Apr 2011 05:55:37 +0000 (14 05:55 +0000) | ||
| committer | Greg Kroah-Hartman <gregkh@suse.de> | |
| Thu, 21 Apr 2011 21:33:00 +0000 (21 14:33 -0700) | ||
| tree | 57cd32b7d6d5731dcd19ac5afffaf56b5c337e4e | treesnapshot (tar.gz zip) |
| parent | 6935b2f7905bc973676cec541c1ebbbd3bd5692f | commitdiff |
ip: ip_options_compile() resilient to NULL skb route
commit c65353daf137dd41f3ede3baf62d561fca076228 upstream.
Scot Doyle demonstrated ip_options_compile() could be called with an skb
without an attached route, using a setup involving a bridge, netfilter,
and forged IP packets.
Let's make ip_options_compile() and ip_options_rcv_srr() a bit more
robust, instead of changing bridge/netfilter code.
With help from Hiroaki SHIMODA.
Reported-by: Scot Doyle <lkml@scotdoyle.com>
Tested-by: Scot Doyle <lkml@scotdoyle.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
commit c65353daf137dd41f3ede3baf62d561fca076228 upstream.
Scot Doyle demonstrated ip_options_compile() could be called with an skb
without an attached route, using a setup involving a bridge, netfilter,
and forged IP packets.
Let's make ip_options_compile() and ip_options_rcv_srr() a bit more
robust, instead of changing bridge/netfilter code.
With help from Hiroaki SHIMODA.
Reported-by: Scot Doyle <lkml@scotdoyle.com>
Tested-by: Scot Doyle <lkml@scotdoyle.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| net/ipv4/ip_options.c | diffblobblamehistory |