| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 31 Jul 2023 20:09:59 -0700 From: Jakub Kicinski <kuba@...nel.org> To: Yue Haibing <yuehaibing@...wei.com> Cc: <davem@...emloft.net>, <dsahern@...nel.org>, <edumazet@...gle.com>, <pabeni@...hat.com>, <yoshfuji@...ux-ipv6.org>, <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>, <simon.horman@...igine.com> Subject: Re: [PATCH v2] ip6mr: Fix skb_under_panic in ip6mr_cache_report() On Fri, 28 Jul 2023 20:17:03 +0800 Yue Haibing wrote: > #ifdef CONFIG_IPV6_PIMSM_V2 > + int nhoff = skb_network_offset(pkt); > if (assert == MRT6MSG_WHOLEPKT || assert == MRT6MSG_WRMIFWHOLE) > - skb = skb_realloc_headroom(pkt, -skb_network_offset(pkt) > - +sizeof(*msg)); > + skb = skb_realloc_headroom(pkt, -nhoff + sizeof(*msg)); These changes look unnecessary. You can leave this code be (as ugly as it is)... > else > #endif > skb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(*msg), GFP_ATOMIC); > @@ -1073,7 +1073,7 @@ static int ip6mr_cache_report(const struct mr_table *mrt, struct sk_buff *pkt, > And all this only to mangle msg->im6_msgtype and > to set msg->im6_mbz to "mbz" :-) > */ > - skb_push(skb, -skb_network_offset(pkt)); > + __skb_pull(skb, nhoff); .. and just replace the push here with: __skb_pull(skb, skb_network_offset(pkt)); -- pw-bot: cr
Powered by blists - more mailing lists