projects / wrapfs-4.8.y.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ba93cf7) | patch
ipv6: dccp: fix out of bound access in dccp_v6_err()
authorEric Dumazet <edumazet@google.com>
Thu, 3 Nov 2016 03:30:48 +0000 (20:30 -0700)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 21 Nov 2016 09:11:35 +0000 (10:11 +0100)
commit84d9c612bb7a9e44c6bf286bedfbe72a6d2d71d4
tree9ac4d75b5b2882257be2432f3a8f5a4d177c5618tree | snapshot
parentba93cf7d2118774c0b2dcfccc8ae999427815caacommit | diff
ipv6: dccp: fix out of bound access in dccp_v6_err()

[ Upstream commit 1aa9d1a0e7eefcc61696e147d123453fc0016005 ]

dccp_v6_err() does not use pskb_may_pull() and might access garbage.

We only need 4 bytes at the beginning of the DCCP header, like TCP,
so the 8 bytes pulled in icmpv6_notify() are more than enough.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/dccp/ipv6.c diff | blob | history
wrapfs-4.8.y