linux-fsl-qoriq - Freescale linux tree with Scalys patches

diff options

author	Amerigo Wang <amwang@redhat.com>	2012-10-09 17:48:16 (GMT)
committer	David S. Miller <davem@davemloft.net>	2012-10-11 02:33:30 (GMT)
commit	5aa8b572007c4bca1e6d3dd4c4820f1ae49d6bb2 (patch)
tree	81f64cc4441a8677763b89aff0df1fba8080b184 /security
parent	85457685e0e314f6902caaef976b3fd8ef4f51b4 (diff)
download	linux-fsl-qoriq-5aa8b572007c4bca1e6d3dd4c4820f1ae49d6bb2.tar.xz

pktgen: fix crash when generating IPv6 packets

For IPv6, sizeof(struct ipv6hdr) = 40, thus the following expression will result negative: datalen = pkt_dev->cur_pkt_size - 14 - sizeof(struct ipv6hdr) - sizeof(struct udphdr) - pkt_dev->pkt_overhead; And, the check "if (datalen < sizeof(struct pktgen_hdr))" will be passed as "datalen" is promoted to unsigned, therefore will cause a crash later. This is a quick fix by checking if "datalen" is negative. The following patch will increase the default value of 'min_pkt_size' for IPv6. This bug should exist for a long time, so Cc -stable too. Cc: <stable@vger.kernel.org> Cc: David S. Miller <davem@davemloft.net> Signed-off-by: Cong Wang <amwang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>

Diffstat (limited to 'security')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: