]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6877735) | patch
netfilter: xt_TCPOPTSTRIP: fix possible off by one access
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 25 Jul 2013 08:46:46 +0000 (10:46 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 1 Aug 2013 09:45:15 +0000 (11:45 +0200)
commitd0a5d17a1c1e9d7cd758bbc380aa476c6d2d7915
tree517502da0639006d869a3d407d78132c5acb3deatree | snapshot
parent6877735ba27042a3425d5547e438e9aec61f362fcommit | diff
netfilter: xt_TCPOPTSTRIP: fix possible off by one access

Fix a possible off by one access since optlen()
touches opt[offset+1] unsafely when i == tcp_hdrlen(skb) - 1.

This patch replaces tcp_hdrlen() by the local variable tcp_hdrlen
that stores the TCP header length, to save some cycles.

Reported-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/xt_TCPOPTSTRIP.c diff | blob | history
Linux Kernel Source Tree.