| Submitter | Herton Ronaldo Krzesinski |
|---|---|
| Date | Feb. 15, 2013, 3:11 a.m. |
| Message ID | <1360897917-16542-1-git-send-email-herton.krzesinski@canonical.com> |
| Download | mbox | patch |
| Permalink | /patch/220614/ |
| State | New |
| Headers | show |
Comments
Patch
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index e41456b..ab52468 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c @@ -256,6 +256,9 @@ static int br_parse_ip_options(struct sk_buff *skb) struct net_device *dev = skb->dev; u32 len; + if (!pskb_may_pull(skb, sizeof(struct iphdr))) + goto inhdr_error; + iph = ip_hdr(skb); opt = &(IPCB(skb)->opt);
This is a note to let you know that I have just added a patch titled bridge: Pull ip header into skb->data before looking into ip to the linux-3.5.y-queue branch of the 3.5.y.z extended stable tree which can be found at: http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.5.y-queue If you, or anyone else, feels it should not be added to this tree, please reply to this email. For more information about the 3.5.y.z tree, see https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable Thanks. -Herton ------ From 2c8ce837198bb3a7a35b22b156fe2eec433a2dc1 Mon Sep 17 00:00:00 2001 From: Sarveshwar Bandi <sarveshwar.bandi@emulex.com> Date: Wed, 10 Oct 2012 01:15:01 +0000 Subject: [PATCH] bridge: Pull ip header into skb->data before looking into ip header. commit 6caab7b0544e83e6c160b5e80f5a4a7dd69545c7 upstream. If lower layer driver leaves the ip header in the skb fragment, it needs to be first pulled into skb->data before inspecting ip header length or ip version number. Signed-off-by: Sarveshwar Bandi <sarveshwar.bandi@emulex.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Herton Ronaldo Krzesinski <herton.krzesinski@canonical.com> --- net/bridge/br_netfilter.c | 3 +++ 1 file changed, 3 insertions(+) -- 1.7.9.5