netfilter: ipv6: fix crash caused by ipv6_find_hdr() - snowball/igloo-kernel.git

diff options

author	JP Abgrall <jpa@google.com>	2011-09-29 15:36:49 -0700
committer	Colin Cross <ccross@android.com>	2012-04-09 13:57:57 -0700
commit	02435b1c3f4b70ffe18edb31a66afedabd0ba12b (patch)
tree	7f8625fedd89085a4b59f8b05c271481e5bccaab /net/bridge/br_device.c
parent	18913bc477d66183f729862798996381d5c98290 (diff)

netfilter: ipv6: fix crash caused by ipv6_find_hdr()

When calling: ipv6_find_hdr(skb, &thoff, -1, NULL) on a fragmented packet, thoff would be left with a random value causing callers to read random memory offsets with: skb_header_pointer(skb, thoff, ...) Now we force ipv6_find_hdr() to return a failure in this case. Calling: ipv6_find_hdr(skb, &thoff, -1, &fragoff) will set fragoff as expected, and not return a failure. Change-Id: Ib474e8a4267dd2b300feca325811330329684a88 Signed-off-by: JP Abgrall <jpa@google.com>

Diffstat (limited to 'net/bridge/br_device.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: