IP fragment overlap bug
Jan Vycudilik
honza at housle.sh.cvut.cz
Wed Nov 19 11:35:09 CET 1997
See yesterday's Svet namodro (http://modrysvet.codalan.cz/)
A friend tried it out on my machine and it really works (even on 2.0.32) :(
There isn't a newer kernel yet, is there?
I'm sending a patch for linux/net/ipv4/ip_fragment.c along with this.
h/v
------------- next part ---------------
*** ip_fragment.c.orig Wed Nov 19 10:37:50 1997
--- ip_fragment.c Wed Nov 19 01:27:43 1997
***************
*** 12,17 ****
--- 12,18 ----
* Alan Cox : Split from ip.c , see ip_input.c for history.
* Alan Cox : Handling oversized frames
* Uriel Maimon : Accounting errors in two fringe cases.
+ * route : IP fragment overlap bug
*/
#include <linux/types.h>
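Review bot: The added changelog line "route : IP fragment overlap bug" names the bug but not the change made for it. Wording that states the behaviour, for example that fragments with offset > end are now rejected, would let a reader match this entry to the check added further down in the file.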
***************
*** 577,582 ****
--- 578,599 ----
}
}
+
+ /*
+ * Uh-oh. Some one's playing some park shenanigans on us.
+ * IP fragoverlap-linux-go-b00m bug.
+ * route 11.3.97
+ */
+
+ if (offset > end)
+ {
+ skb->sk = NULL;
+ printk("IP: Invalid IP fragment (offset > end) found from %s\n", in_ntoa(iph->saddr));
+ kfree_skb(skb, FREE_READ);
+ ip_statistics.IpReasmFails++;
+ ip_free(qp);
+ return NULL;
+ }
/*
* Insert this fragment in the chain of fragments.
*/
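Review bot: The printk in the new offset > end branch fires once per rejected fragment with no rate limit and no log level, so whoever sends malformed fragments controls how fast the kernel log fills. Consider limiting it, or dropping it and relying on ip_statistics.IpReasmFails++, which already records the event. The logged iph->saddr is taken from the packet itself and can be spoofed, so the message should not be read as identifying the sender. The branch also calls ip_free(qp), which discards the whole reassembly queue rather than only this fragment. If that is intended, the comment should say so; as written it names the bug but does not explain how offset can come to exceed end at this point.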