| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20120320075846.GF29891@secunet.com> Date: Tue, 20 Mar 2012 08:58:46 +0100 From: Steffen Klassert <steffen.klassert@...unet.com> To: Gao feng <gaofeng@...fujitsu.com> Cc: davem@...emloft.net, netdev@...r.kernel.org Subject: Re: [PATCH v2] ipv6: fix incorrent ipv6 ipsec packet fragment On Tue, Mar 20, 2012 at 11:22:59AM +0800, Gao feng wrote: > Since commit 299b0767(ipv6: Fix IPsec slowpath fragmentation problem) > In func ip6_append_data,after call skb_put(skb, fraglen + dst_exthdrlen) > the skb->len contains dst_exthdrlen,and we don't reduce dst_exthdrlen at last > This will make fraggap>0 in next "while cycle",and cause the size of skb incorrent > > Fix this by reserve headroom for dst_exthdrlen. > > Signed-off-by: Gao feng <gaofeng@...fujitsu.com> > --- > net/ipv6/ip6_output.c | 8 +++++--- > 1 files changed, 5 insertions(+), 3 deletions(-) > > diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c > index d97e071..8d5d204 100644 > --- a/net/ipv6/ip6_output.c > +++ b/net/ipv6/ip6_output.c > @@ -1418,6 +1418,8 @@ alloc_new_skb: > skb->csum = 0; > /* reserve for fragmentation */ > skb_reserve(skb, hh_len+sizeof(struct frag_hdr)); > + /* reserve for ipsec header */ > + skb_reserve(skb, dst_exthdrlen); Why not 'reserve for fragmentation and ipsec header' instead of calling skb_reserve() two times? The rest of the patch looks good. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists