| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Oct 2017 13:59:40 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'William Tu' <u9012063@...il.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
CC: Xin Long <lucien.xin@...il.com>
Subject: RE: [PATCH net-next] ip_gre: check packet length and mtu correctly
in erspan_fb_xmit
From: William Tu
> Sent: 05 October 2017 01:14
> Similarly to early patch for erspan_xmit(), the ARPHDR_ETHER device
> is the length of the whole ether packet. So skb->len should subtract
> the dev->hard_header_len.
>
> Fixes: 1a66a836da63 ("gre: add collect_md mode to ERSPAN tunnel")
> Signed-off-by: William Tu <u9012063@...il.com>
> Cc: Xin Long <lucien.xin@...il.com>
> ---
> net/ipv4/ip_gre.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
> index b279c325c7f6..10b21fe5b3a6 100644
> --- a/net/ipv4/ip_gre.c
> +++ b/net/ipv4/ip_gre.c
> @@ -579,7 +579,7 @@ static void erspan_fb_xmit(struct sk_buff *skb, struct net_device *dev,
> if (gre_handle_offloads(skb, false))
> goto err_free_rt;
>
> - if (skb->len > dev->mtu) {
> + if (skb->len - dev->hard_header_len > dev->mtu) {
Can you guarantee that skb->len > dev_hard_header_len?
It is probably safer to check skb->len > dev->hard_header_len + dev->mtu
since that addition isn't going to overflow.
> pskb_trim(skb, dev->mtu);
> truncate = true;
Is that pskb_trim() now truncating to the correct size?
David
Powered by blists - more mailing lists