Commit 70c2efa5 authored by Changli Gao's avatar Changli Gao Committed by David S. Miller

act_nat: not all of the ICMP packets need an IP header payload

not all of the ICMP packets need an IP header payload, so we check the length
of the skbs only when the packets should have an IP header payload.

Based upon analysis and initial patch by Rodrigo Partearroyo González.
Signed-off-by: default avatarChangli Gao <xiaosuo@gmail.com>
Acked-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
----
 net/sched/act_nat.c |    5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent c4363d6a
...@@ -205,7 +205,7 @@ static int tcf_nat(struct sk_buff *skb, struct tc_action *a, ...@@ -205,7 +205,7 @@ static int tcf_nat(struct sk_buff *skb, struct tc_action *a,
{ {
struct icmphdr *icmph; struct icmphdr *icmph;
if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph))) if (!pskb_may_pull(skb, ihl + sizeof(*icmph)))
goto drop; goto drop;
icmph = (void *)(skb_network_header(skb) + ihl); icmph = (void *)(skb_network_header(skb) + ihl);
...@@ -215,6 +215,9 @@ static int tcf_nat(struct sk_buff *skb, struct tc_action *a, ...@@ -215,6 +215,9 @@ static int tcf_nat(struct sk_buff *skb, struct tc_action *a,
(icmph->type != ICMP_PARAMETERPROB)) (icmph->type != ICMP_PARAMETERPROB))
break; break;
if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph)))
goto drop;
iph = (void *)(icmph + 1); iph = (void *)(icmph + 1);
if (egress) if (egress)
addr = iph->daddr; addr = iph->daddr;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment