linux-pinenote/net/core
Jason Wang 6f09234385 net: flow_dissector: fail on evil iph->ihl
We don't validate iph->ihl which may lead a dead loop if we meet a IPIP
skb whose iph->ihl is zero. Fix this by failing immediately when iph->ihl
is evil (less than 5).

This issue were introduced by commit ec5efe7946
(rps: support IPIP encapsulation).

Cc: Eric Dumazet <edumazet@google.com>
Cc: Petr Matousek <pmatouse@redhat.com>
Cc: Michael S. Tsirkin <mst@redhat.com>
Cc: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-11-02 02:16:07 -04:00
..
datagram.c net: use skb_copy_datagram_from_iovec() in zerocopy_sg_from_iovec() 2013-08-07 16:52:38 -07:00
dev.c netif_set_xps_queue: make cpu mask const 2013-10-07 12:29:26 -04:00
dev_addr_lists.c net/core: dev_mc_sync_multiple calls wrong helper 2013-05-31 16:56:56 -07:00
dev_ioctl.c net: fix kernel deadlock with interface rename and netdev name retrieval. 2013-06-26 13:42:54 -07:00
drop_monitor.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
dst.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
ethtool.c ethtool: fixed trailing statements in ethtool 2013-07-16 12:14:51 -07:00
fib_rules.c fib_rules: fix suppressor names and default values 2013-08-03 10:40:23 -07:00
filter.c net: fix unsafe set_memory_rw from softirq 2013-10-07 15:16:45 -04:00
flow.c net: delete __cpuinit usage from all net files 2013-07-14 19:36:58 -04:00
flow_dissector.c net: flow_dissector: fail on evil iph->ihl 2013-11-02 02:16:07 -04:00
gen_estimator.c net_sched: add 64bit rate estimators 2013-06-11 02:51:03 -07:00
gen_stats.c net_sched: add 64bit rate estimators 2013-06-11 02:51:03 -07:00
iovec.c net: move iov_pages() to net/core/iovec.c 2013-08-07 16:52:33 -07:00
link_watch.c net: make all team port device link events urgent 2013-06-13 02:31:41 -07:00
Makefile net: move procfs code to net/core/net-procfs.c 2013-02-19 00:51:10 -05:00
neighbour.c net: neighbour: Remove CONFIG_ARPD 2013-09-03 21:41:43 -04:00
net-procfs.c rps: selective flow shedding during softnet overflow 2013-05-20 13:48:04 -07:00
net-sysfs.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2013-09-07 14:35:32 -07:00
net-sysfs.h
net-traces.c
net_namespace.c userns: Kill nsown_capable it makes the wrong thing easy 2013-08-30 23:44:11 -07:00
netevent.c
netpoll.c netpoll: fix rx_hook() interface by passing the skb 2013-10-25 19:26:58 -04:00
netprio_cgroup.c cgroup: make cgroup_taskset deal with cgroup_subsys_state instead of cgroup 2013-08-08 20:11:27 -04:00
pktgen.c pktgen: add needed include file 2013-07-29 00:47:14 -07:00
request_sock.c
rtnetlink.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-08-16 15:37:26 -07:00
scm.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2013-09-07 14:35:32 -07:00
secure_seq.c net: secure_seq: Fix warning when CONFIG_IPV6 and CONFIG_INET are not selected 2013-10-09 12:59:57 -04:00
skbuff.c skb: allow skb_scrub_packet() to be used by tunnels 2013-09-04 00:27:25 -04:00
sock.c pkt_sched: fq: fix non TCP flows pacing 2013-10-08 21:54:01 -04:00
sock_diag.c sock_diag: fix filter code sent to userspace 2013-06-10 22:23:32 -07:00
stream.c net: add sk_stream_is_writeable() helper 2013-07-24 17:54:48 -07:00
sysctl_net_core.c qdisc: allow setting default queuing discipline 2013-08-31 00:32:32 -04:00
timestamping.c
user_dma.c
utils.c net: core: move mac_pton() to lib/net_utils.c 2013-06-05 12:00:27 -07:00