[PATCH 4/4] introducing skb_header_pointer() to hbh match

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH 4/4] introducing skb_header_pointer() to hbh match
@ 2004-10-22  2:59 Yasuyuki Kozakai
  2004-10-24 22:47 ` Patrick McHardy
  0 siblings, 1 reply; 2+ messages in thread
From: Yasuyuki Kozakai @ 2004-10-22  2:59 UTC (permalink / raw)
  To: netfilter-devel

[-- Attachment #1: Type: Text/Plain, Size: 256 bytes --]

This patch introduces skb_header_pointer() to ip6t_hbh.c

Signed-off-by Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>

-----------------------------------------------------------------
Yasuyuki KOZAKAI @ USAGI Project <yasuyuki.kozakai@toshiba.co.jp>


[-- Attachment #2: hbh-nolin.patch --]
[-- Type: Text/Plain, Size: 4016 bytes --]

--- linux-2.6.9-rc3-nolin-extfix/net/ipv6/netfilter/ip6t_hbh.c	2004-10-21 10:35:33.068081256 +0900
+++ linux-2.6.9-rc3-nolin-ext/net/ipv6/netfilter/ip6t_hbh.c	2004-10-21 10:43:27.996881104 +0900
@@ -60,7 +60,7 @@
       unsigned int protoff,
       int *hotdrop)
 {
-       struct ipv6_opt_hdr *optsh = NULL;
+       struct ipv6_opt_hdr _optsh, *oh;
        const struct ip6t_opts *optinfo = matchinfo;
        unsigned int temp;
        unsigned int len;
@@ -68,7 +68,8 @@
        unsigned int ptr;
        unsigned int hdrlen = 0;
        unsigned int ret = 0;
-       u8 *opttype = NULL;
+       u8 _opttype, *tp = NULL;
+       u8 _optlen, *lp = NULL;
        unsigned int optlen;
        
        /* type of the 1st exthdr */
@@ -80,7 +81,7 @@
        temp = 0;
 
         while (ip6t_ext_hdr(nexthdr)) {
-               struct ipv6_opt_hdr *hdr;
+               struct ipv6_opt_hdr _hdr, *hp;
 
               DEBUGP("ipv6_opts header iteration \n");
 
@@ -96,15 +97,16 @@
                      break;
               }
 
-	      hdr = (void *)(skb->data + ptr);
+	      hp = skb_header_pointer(skb, ptr, sizeof(_hdr), &_hdr);
+	      BUG_ON(hp == NULL);
 
               /* Calculate the header length */
                 if (nexthdr == NEXTHDR_FRAGMENT) {
                         hdrlen = 8;
                 } else if (nexthdr == NEXTHDR_AUTH)
-                        hdrlen = (hdr->hdrlen+2)<<2;
+                        hdrlen = (hp->hdrlen+2)<<2;
                 else
-                        hdrlen = ipv6_optlen(hdr);
+                        hdrlen = ipv6_optlen(hp);
 
               /* OPTS -> evaluate */
 #if HOPBYHOP
@@ -132,7 +134,7 @@
                             break;
               }
 
-                nexthdr = hdr->nexthdr;
+                nexthdr = hp->nexthdr;
                 len -= hdrlen;
                 ptr += hdrlen;
 		if ( ptr > skb->len ) {
@@ -158,9 +160,10 @@
        		return 0;
        }
 
-       optsh = (void *)(skb->data + ptr);
+       oh = skb_header_pointer(skb, ptr, sizeof(_optsh), &_optsh);
+       BUG_ON(oh == NULL);
 
-       DEBUGP("IPv6 OPTS LEN %u %u ", hdrlen, optsh->hdrlen);
+       DEBUGP("IPv6 OPTS LEN %u %u ", hdrlen, oh->hdrlen);
 
        DEBUGP("len %02X %04X %02X ",
        		optinfo->hdrlen, hdrlen,
@@ -168,7 +171,7 @@
                            ((optinfo->hdrlen == hdrlen) ^
                            !!(optinfo->invflags & IP6T_OPTS_INV_LEN))));
 
-       ret = (optsh != NULL)
+       ret = (oh != NULL)
        		&&
 	      	(!(optinfo->flags & IP6T_OPTS_LEN) ||
                            ((optinfo->hdrlen == hdrlen) ^
@@ -185,36 +188,43 @@
 		DEBUGP("#%d ",optinfo->optsnr);
 		for(temp=0; temp<optinfo->optsnr; temp++){
 			/* type field exists ? */
-			if (ptr > skb->len - 1 || hdrlen < 1)
+			if (hdrlen < 1)
+				break;
+			tp = skb_header_pointer(skb, ptr, sizeof(_opttype),
+						&_opttype);
+			if (tp == NULL)
 				break;
-			opttype = (void *)(skb->data + ptr);
 
 			/* Type check */
-			if (*opttype != (optinfo->opts[temp] & 0xFF00)>>8){
+			if (*tp != (optinfo->opts[temp] & 0xFF00)>>8){
 				DEBUGP("Tbad %02X %02X\n",
-				       *opttype,
+				       *tp,
 				       (optinfo->opts[temp] & 0xFF00)>>8);
 				return 0;
 			} else {
 				DEBUGP("Tok ");
 			}
 			/* Length check */
-			if (*opttype) {
+			if (*tp) {
 				u16 spec_len;
 
 				/* length field exists ? */
-				if (ptr > skb->len - 2 || hdrlen < 2)
+				if (hdrlen < 2)
+					break;
+				lp = skb_header_pointer(skb, ptr + 1,
+							sizeof(_optlen),
+							&_optlen);
+				if (lp == NULL)
 					break;
-				optlen = *((u8 *)(skb->data + ptr + 1));
 				spec_len = optinfo->opts[temp] & 0x00FF;
 
-				if (spec_len != 0x00FF && spec_len != optlen) {
-					DEBUGP("Lbad %02X %04X\n", optlen,
+				if (spec_len != 0x00FF && spec_len != *lp) {
+					DEBUGP("Lbad %02X %04X\n", *lp,
 					       spec_len);
 					return 0;
 				}
 				DEBUGP("Lok ");
-				optlen += 2;
+				optlen = *lp + 2;
 			} else {
 				DEBUGP("Pad1\n");
 				optlen = 1;

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH 4/4] introducing skb_header_pointer() to hbh match
  2004-10-22  2:59 [PATCH 4/4] introducing skb_header_pointer() to hbh match Yasuyuki Kozakai
@ 2004-10-24 22:47 ` Patrick McHardy
  0 siblings, 0 replies; 2+ messages in thread
From: Patrick McHardy @ 2004-10-24 22:47 UTC (permalink / raw)
  To: Yasuyuki Kozakai; +Cc: netfilter-devel

Yasuyuki Kozakai wrote:

>This patch introduces skb_header_pointer() to ip6t_hbh.c
>
Thanks Yasuyuki, all four patches applied.

Regards
Patrick

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2004-10-24 22:47 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-10-22  2:59 [PATCH 4/4] introducing skb_header_pointer() to hbh match Yasuyuki Kozakai
2004-10-24 22:47 ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.