tcp: len check is unnecessarily devastating, change to WARN_ON

All callers are prepared for alloc failures anyway, so this error can safely be boomeranged to the callers domain without super bad consequences. ...At worst the connection might go into a state where each RTO tries to (unsuccessfully) re-fragment with such a mis-sized value and eventually dies. Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> 2011-04-02 04:47:41 (GMT)
committer: David S. Miller <davem@davemloft.net> 2011-04-02 04:47:41 (GMT)
commit: 2fceec13375e5d98ef033c6b0ee03943fc460950 (patch)
tree: 34870f61085509c0ff3d8cef819846fc31e94e7c /net/ipv4
parent: 2cab86bee8e7f353e6ac8c15b3eb906643497644 (diff)
download: linux-fsl-qoriq-2fceec13375e5d98ef033c6b0ee03943fc460950.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index dfa5beb..8b0d016 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -1003,7 +1003,8 @@ int tcp_fragment(struct sock *sk, struct sk_buff *skb, u32 len,
 	int nlen;
 	u8 flags;
 
-	BUG_ON(len > skb->len);
+	if (WARN_ON(len > skb->len))
+		return -EINVAL;
 
 	nsize = skb_headlen(skb) - len;
 	if (nsize < 0)
author	Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>	2011-04-02 04:47:41 (GMT)
committer	David S. Miller <davem@davemloft.net>	2011-04-02 04:47:41 (GMT)
commit	2fceec13375e5d98ef033c6b0ee03943fc460950 (patch)
tree	34870f61085509c0ff3d8cef819846fc31e94e7c /net/ipv4
parent	2cab86bee8e7f353e6ac8c15b3eb906643497644 (diff)
download	linux-fsl-qoriq-2fceec13375e5d98ef033c6b0ee03943fc460950.tar.xz