From patchwork Mon Apr 3 19:42:58 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Horman X-Patchwork-Id: 746639 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3vxjFZ6nR5z9s7n for ; Tue, 4 Apr 2017 05:43:14 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=netronome-com.20150623.gappssmtp.com header.i=@netronome-com.20150623.gappssmtp.com header.b="2D5L/cLe"; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752402AbdDCTnG (ORCPT ); Mon, 3 Apr 2017 15:43:06 -0400 Received: from mail-it0-f46.google.com ([209.85.214.46]:35235 "EHLO mail-it0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751812AbdDCTnF (ORCPT ); Mon, 3 Apr 2017 15:43:05 -0400 Received: by mail-it0-f46.google.com with SMTP id y18so53035967itc.0 for ; Mon, 03 Apr 2017 12:43:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netronome-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=AeoSlz6kPFLwbdoZj+6eYOUknMXT0aafvCzgqEDXND4=; b=2D5L/cLeOG7nRkxYrNulEx3I5o9vXvVE9qcJrpHi+Lyt8VcZhYmmCGIJOqVTjUSq19 N0tGsyxQ7seRxuNHaZEuF9vvSI4ksZHwKs9+Tq+Ol3Qn2LoEvS4z7ElNldZAC2ZhF1Xi nOdPdpoU/TUJ1JWusppGrFpaeAxPz7CSTQExPvRhhU5ZEhHWFY9pykJx/6UC1VaOVAR+ orstwCwpDlDT0HOwVtjKWWR6HQvl+8oxyHqkVSKqSXEfp6qQVH6IVNaPUhfpHxEjNwqV WnTgTxdlvy58Tn/+hvChbHAIGgpoCrnsWnSE5vEwS5WdqO/R9BZV3ZLXt+xxcNDNkLL7 7yXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=AeoSlz6kPFLwbdoZj+6eYOUknMXT0aafvCzgqEDXND4=; b=bX8tXc7CS04BA9Cmof0o99bkMikU9AT4xChAoLEa5Nks0rfR6K7/sqORQ0azxIA+4X IMqZYCZIfcMIirZVHCZQYto5uGZQwAekqaJgoVhaFIjWh3owrYHlaByqm5wlQ5YOL0/u MUYcGwLryunIwbaNyz1ZUH1R3xK3MqJMWLr3KcU0P9ErZ+TLVDBK3Q0NgmxlgggVrNxD AKyhjnIMWhufVeami+ybk7qrx7/qAtVINkGd0lfOn17ToChQ6lkOH2CtT5NBclO12n/j cYG693Vt5H3ywpTaSZJOyQt2b9o2YsoTjNcr7Fma1ZuBlrsSwhDycNaJuyKcr5ECSE6V /26A== X-Gm-Message-State: AFeK/H2Q4wrDc+ocWo1k3irtSPbbUjxLU2sU4gTGdKHgZLDjPDurCuAx4f3Ryt1On4m+YKKF X-Received: by 10.36.41.3 with SMTP id p3mr9612692itp.71.1491248584653; Mon, 03 Apr 2017 12:43:04 -0700 (PDT) Received: from penelope.horms.nl ([173.243.43.210]) by smtp.gmail.com with ESMTPSA id n18sm8061608ion.42.2017.04.03.12.43.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 03 Apr 2017 12:43:03 -0700 (PDT) From: Simon Horman To: David Miller Cc: Dinan Gunawardena , netdev@vger.kernel.org, oss-drivers@netronome.com, Nicolas Iooss , Simon Horman Subject: [PATCH net] flow dissector: correct size of storage for ARP Date: Mon, 3 Apr 2017 15:42:58 -0400 Message-Id: <1491248578-12014-1-git-send-email-simon.horman@netronome.com> X-Mailer: git-send-email 2.7.0.rc3.207.g0ac5344 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The last argument to __skb_header_pointer() should be a buffer large enough to store struct arphdr. This can be a pointer to a struct arphdr structure. The code was previously using a pointer to a pointer to struct arphdr. By my counting the storage available both before and after is 8 bytes on x86_64. Fixes: 55733350e5e8 ("flow disector: ARP support") Reported-by: Nicolas Iooss Signed-off-by: Simon Horman --- Dave, this problem is present in both net, since v4.11-rc1 and net-next. However, the code has refactored in net-next. I expect this will result in a conflict. Let me know if you would like me to post a version for net-next too. --- net/core/flow_dissector.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c index c35aae13c8d2..d98d4998213d 100644 --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -390,7 +390,7 @@ bool __skb_flow_dissect(const struct sk_buff *skb, unsigned char ar_tip[4]; } *arp_eth, _arp_eth; const struct arphdr *arp; - struct arphdr *_arp; + struct arphdr _arp; arp = __skb_header_pointer(skb, nhoff, sizeof(_arp), data, hlen, &_arp);