projects / platform / adaptation / renesas_rcar / renesas_kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 71ffe9c) | patch
netfilter: xt_TCPOPTSTRIP: fix possible off by one access
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 25 Jul 2013 08:46:46 +0000 (10:46 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 1 Aug 2013 09:45:15 +0000 (11:45 +0200)
commita206bcb3b02025b23137f3228109d72e0f835c05
tree517502da0639006d869a3d407d78132c5acb3deatree | snapshot
parent71ffe9c77dd7a2b62207953091efa8dafec958ddcommit | diff
netfilter: xt_TCPOPTSTRIP: fix possible off by one access

Fix a possible off by one access since optlen()
touches opt[offset+1] unsafely when i == tcp_hdrlen(skb) - 1.

This patch replaces tcp_hdrlen() by the local variable tcp_hdrlen
that stores the TCP header length, to save some cycles.

Reported-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/xt_TCPOPTSTRIP.c diff | blob | history
Domain: System / Uncategorized;