| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Nov 2020 22:57:36 +0000
From: "Georg Kohmann (geokohma)" <geokohma@...co.com>
To: Pablo Neira Ayuso <pablo@...filter.org>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"kadlec@...filter.org" <kadlec@...filter.org>,
"fw@...len.de" <fw@...len.de>,
"davem@...emloft.net" <davem@...emloft.net>,
"kuznet@....inr.ac.ru" <kuznet@....inr.ac.ru>,
"yoshfuji@...ux-ipv6.org" <yoshfuji@...ux-ipv6.org>,
"kuba@...nel.org" <kuba@...nel.org>,
"netfilter-devel@...r.kernel.org" <netfilter-devel@...r.kernel.org>,
"coreteam@...filter.org" <coreteam@...filter.org>
Subject: Re: [PATCH net v4] ipv6/netfilter: Discard first fragment not
including all headers
On 18.11.2020 19:16, Pablo Neira Ayuso wrote:
> Hi,
>
> On Wed, Nov 11, 2020 at 12:50:25PM +0100, Georg Kohmann wrote:
> [...]
>> diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
>> index c8cf1bb..e3869ba 100644
>> --- a/net/ipv6/reassembly.c
>> +++ b/net/ipv6/reassembly.c
>> @@ -318,15 +318,43 @@ static int ip6_frag_reasm(struct frag_queue *fq, struct sk_buff *skb,
>> return -1;
>> }
>>
>> +/* Check if the upper layer header is truncated in the first fragment. */
>> +bool ipv6_frag_thdr_truncated(struct sk_buff *skb, int start, u8 *nexthdrp)
> Please, follow up and send a patch to place this function in
> include/net/ipv6_frag.h as static inline.
>
> See: https://marc.info/?l=netfilter-devel&m=160571942728516&w=2
Thanks for the link to the similar problem. I have been looking into this all day.
I am working on a patch now.
Powered by blists - more mailing lists