netfilter: synproxy: fix BUG_ON triggered by corrupt TCP packets - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Patrick McHardy <[email protected]>	2013-09-30 08:51:46 +0100
committer	Pablo Neira Ayuso <[email protected]>	2013-09-30 12:44:38 +0200
commit	f4a87e7bd2eaef26a3ca25437ce8b807de2966ad (patch)
tree	72359689d53c3ce656b4568f04b8ee92dd2e05f4 /tools/perf/util/scripting-engines/trace-event-perl.c
parent	d1ee4fea0b6946dd8bc61b46db35ea80af7af34b (diff)

netfilter: synproxy: fix BUG_ON triggered by corrupt TCP packets

TCP packets hitting the SYN proxy through the SYNPROXY target are not validated by TCP conntrack. When th->doff is below 5, an underflow happens when calculating the options length, causing skb_header_pointer() to return NULL and triggering the BUG_ON(). Handle this case gracefully by checking for NULL instead of using BUG_ON(). Reported-by: Martin Topholm <[email protected]> Tested-by: Martin Topholm <[email protected]> Signed-off-by: Patrick McHardy <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>

Diffstat (limited to 'tools/perf/util/scripting-engines/trace-event-perl.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: