ip: discard IPv4 datagrams with overlapping segments. - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Peter Oskolkov <[email protected]>	2018-08-02 23:34:37 +0000
committer	David S. Miller <[email protected]>	2018-08-05 17:16:46 -0700
commit	7969e5c40dfd04799d4341f1b7cd266b6e47f227 (patch)
tree	167103e66b8f8ebf96bf4ca7644c3e0f7b3bca10 /lib/test_overflow.c
parent	cfb4099fb4c101dad283a163c9525240ef4a1a99 (diff)

ip: discard IPv4 datagrams with overlapping segments.

This behavior is required in IPv6, and there is little need to tolerate overlapping fragments in IPv4. This change simplifies the code and eliminates potential DDoS attack vectors. Tested: ran ip_defrag selftest (not yet available uptream). Suggested-by: David S. Miller <[email protected]> Signed-off-by: Peter Oskolkov <[email protected]> Signed-off-by: Eric Dumazet <[email protected]> Cc: Florian Westphal <[email protected]> Acked-by: Stephen Hemminger <[email protected]> Signed-off-by: David S. Miller <[email protected]>

Diffstat (limited to 'lib/test_overflow.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: