diff options
author | Changli Gao <xiaosuo@gmail.com> | 2010-07-09 11:33:25 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2010-07-12 23:00:19 -0400 |
commit | 70c2efa5a32a7d38e66224844032160317fa7887 (patch) | |
tree | 34c0785993a0155a3677c97813f0d63e77b48dd2 /net/sched/act_nat.c | |
parent | c4363d6acd8d2ec9156f6469c742351e5d122489 (diff) |
act_nat: not all of the ICMP packets need an IP header payload
not all of the ICMP packets need an IP header payload, so we check the length
of the skbs only when the packets should have an IP header payload.
Based upon analysis and initial patch by Rodrigo Partearroyo González.
Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
----
net/sched/act_nat.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sched/act_nat.c')
-rw-r--r-- | net/sched/act_nat.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/net/sched/act_nat.c b/net/sched/act_nat.c index 570949417f38..724553e8ed7b 100644 --- a/net/sched/act_nat.c +++ b/net/sched/act_nat.c | |||
@@ -205,7 +205,7 @@ static int tcf_nat(struct sk_buff *skb, struct tc_action *a, | |||
205 | { | 205 | { |
206 | struct icmphdr *icmph; | 206 | struct icmphdr *icmph; |
207 | 207 | ||
208 | if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph))) | 208 | if (!pskb_may_pull(skb, ihl + sizeof(*icmph))) |
209 | goto drop; | 209 | goto drop; |
210 | 210 | ||
211 | icmph = (void *)(skb_network_header(skb) + ihl); | 211 | icmph = (void *)(skb_network_header(skb) + ihl); |
@@ -215,6 +215,9 @@ static int tcf_nat(struct sk_buff *skb, struct tc_action *a, | |||
215 | (icmph->type != ICMP_PARAMETERPROB)) | 215 | (icmph->type != ICMP_PARAMETERPROB)) |
216 | break; | 216 | break; |
217 | 217 | ||
218 | if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph))) | ||
219 | goto drop; | ||
220 | |||
218 | iph = (void *)(icmph + 1); | 221 | iph = (void *)(icmph + 1); |
219 | if (egress) | 222 | if (egress) |
220 | addr = iph->daddr; | 223 | addr = iph->daddr; |