| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20190617225808.665-29-mathew.j.martineau@linux.intel.com>
Date: Mon, 17 Jun 2019 15:58:03 -0700
From: Mat Martineau <mathew.j.martineau@...ux.intel.com>
To: edumazet@...gle.com, netdev@...r.kernel.org
Cc: Mat Martineau <mathew.j.martineau@...ux.intel.com>,
cpaasch@...le.com, fw@...len.de, pabeni@...hat.com,
peter.krystad@...ux.intel.com, dcaratti@...hat.com,
matthieu.baerts@...sares.net
Subject: [RFC PATCH net-next 28/33] tcp: Check for filled TCP option space before SACK
The SACK code would potentially add four bytes to the expected
TCP option size even if all option space was already used.
Signed-off-by: Mat Martineau <mathew.j.martineau@...ux.intel.com>
---
net/ipv4/tcp_output.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 5fe9459bbd6a..e980546e330a 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -805,6 +805,9 @@ static unsigned int tcp_established_options(struct sock *sk, struct sk_buff *skb
}
}
+ if (size + TCPOLEN_SACK_BASE_ALIGNED >= MAX_TCP_OPTION_SPACE)
+ return size;
+
eff_sacks = tp->rx_opt.num_sacks + tp->rx_opt.dsack;
if (unlikely(eff_sacks)) {
const unsigned int remaining = MAX_TCP_OPTION_SPACE - size;
--
2.22.0
Powered by blists - more mailing lists