* [PATCH] 2.0-2.5 bug in ip_options_compile
@ 2002-09-13 22:08 Jeff DeFouw
2002-09-13 22:13 ` David S. Miller
0 siblings, 1 reply; 3+ messages in thread
From: Jeff DeFouw @ 2002-09-13 22:08 UTC (permalink / raw)
To: linux-kernel
While reading about IP options, I found the IPOPT_END padding (cleaning)
in ip_options_compile (net/ipv4/ip_options.c) was not incrementing a
pointer. There should be an optptr++ in the for end-of-block statement
to go along with the l--, otherwise it's just comparing the same byte
for each l. Patch is against 2.4.19. From the kernel source browser
this bug is also in 2.5.31, 2.2.21, and 2.0.39.
--- linux/net/ipv4/ip_options.c.orig 2002-09-13 15:12:24.000000000 -0500
+++ linux/net/ipv4/ip_options.c 2002-09-13 15:12:50.000000000 -0500
@@ -266,7 +266,7 @@
for (l = opt->optlen; l > 0; ) {
switch (*optptr) {
case IPOPT_END:
- for (optptr++, l--; l>0; l--) {
+ for (optptr++, l--; l>0; optptr++, l--) {
if (*optptr != IPOPT_END) {
*optptr = IPOPT_END;
opt->is_changed = 1;
--
Jeff DeFouw <defouwj@purdue.edu>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] 2.0-2.5 bug in ip_options_compile
2002-09-13 22:08 [PATCH] 2.0-2.5 bug in ip_options_compile Jeff DeFouw
@ 2002-09-13 22:13 ` David S. Miller
2002-09-13 22:50 ` David Weinehall
0 siblings, 1 reply; 3+ messages in thread
From: David S. Miller @ 2002-09-13 22:13 UTC (permalink / raw)
To: defouwj; +Cc: linux-kernel
From: Jeff DeFouw <defouwj@purdue.edu>
Date: Fri, 13 Sep 2002 17:08:38 -0500
While reading about IP options, I found the IPOPT_END padding (cleaning)
in ip_options_compile (net/ipv4/ip_options.c) was not incrementing a
pointer. There should be an optptr++ in the for end-of-block statement
to go along with the l--, otherwise it's just comparing the same byte
for each l. Patch is against 2.4.19. From the kernel source browser
this bug is also in 2.5.31, 2.2.21, and 2.0.39.
Thanks a lot for spotting this, I will add this
to my 2.4.x and 2.5.x trees and merge upstream.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] 2.0-2.5 bug in ip_options_compile
2002-09-13 22:13 ` David S. Miller
@ 2002-09-13 22:50 ` David Weinehall
0 siblings, 0 replies; 3+ messages in thread
From: David Weinehall @ 2002-09-13 22:50 UTC (permalink / raw)
To: David S. Miller; +Cc: defouwj, linux-kernel
On Fri, Sep 13, 2002 at 03:13:06PM -0700, David S. Miller wrote:
> From: Jeff DeFouw <defouwj@purdue.edu>
> Date: Fri, 13 Sep 2002 17:08:38 -0500
>
> While reading about IP options, I found the IPOPT_END padding (cleaning)
> in ip_options_compile (net/ipv4/ip_options.c) was not incrementing a
> pointer. There should be an optptr++ in the for end-of-block statement
> to go along with the l--, otherwise it's just comparing the same byte
> for each l. Patch is against 2.4.19. From the kernel source browser
> this bug is also in 2.5.31, 2.2.21, and 2.0.39.
>
> Thanks a lot for spotting this, I will add this
> to my 2.4.x and 2.5.x trees and merge upstream.
Thanks. Will be in 2.0.40-rc7.
Regards: David Weinehall
--
/> David Weinehall <tao@acc.umu.se> /> Northern lights wander <\
// Maintainer of the v2.0 kernel // Dance across the winter sky //
\> http://www.acc.umu.se/~tao/ </ Full colour fire </
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-09-13 22:45 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-09-13 22:08 [PATCH] 2.0-2.5 bug in ip_options_compile Jeff DeFouw
2002-09-13 22:13 ` David S. Miller
2002-09-13 22:50 ` David Weinehall
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.