| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1255555458.20869.221.camel@nseg_linux_HP1.broadcom.com> Date: Wed, 14 Oct 2009 14:24:18 -0700 From: "Michael Chan" <mchan@...adcom.com> To: "William Allen Simpson" <william.allen.simpson@...il.com> cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: query: bnx2 and tg3 don't check tcp and/or ip header length validity? On Wed, 2009-10-14 at 13:46 -0700, William Allen Simpson wrote: > William Allen Simpson wrote: > > My question is whether it would be OK to add a simple test, and set it to > > zero in case of bad values? > > > Although both are compiled in my build, I've got no way to test them. I'm > just going to do the easy thing and set to zero for now. Somebody that > knows the code -- who should have done real error checking -- could actually > write better error checking and comments about the purpose of cramming the > length of the TCP option field into a tag.... The option length is needed by the hardware to segment a TSO packet into proper MTU-sized packets. You'll get malformed packets if the TSO header is bad. Setting it to zero perhaps can make these bad packets more deterministic, but I don't know for sure. > > - tcp_opt_len = tcp_optlen(skb); > + tcp_opt_len = tcp_option_len_th(tcp_hdr(skb)); > + if (tcp_opt_len < 0) > + tcp_opt_len = 0; > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists