* [PATCH] ipv6: raw: fix icmpv6_filter()
@ 2012-09-25 17:03 Eric Dumazet
2012-09-25 17:23 ` David Miller
0 siblings, 1 reply; 2+ messages in thread
From: Eric Dumazet @ 2012-09-25 17:03 UTC (permalink / raw)
To: David Miller; +Cc: netdev
From: Eric Dumazet <edumazet@google.com>
icmpv6_filter() should not modify its input, or else its caller
would need to recompute ipv6_hdr() if skb->head is reallocated.
Use skb_header_pointer() instead of pskb_may_pull() and
change the prototype to make clear both sk and skb are const.
Also, if icmpv6 header cannot be found, do not deliver the packet,
as we do in IPv4.
Signed-off-by: Eric Dumazet <edumazet@google.com>
---
Note: another patch is needed in mip6_mh_filter()
net/ipv6/raw.c | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
index ef0579d..4a5f78b 100644
--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -107,21 +107,20 @@ found:
* 0 - deliver
* 1 - block
*/
-static __inline__ int icmpv6_filter(struct sock *sk, struct sk_buff *skb)
+static int icmpv6_filter(const struct sock *sk, const struct sk_buff *skb)
{
- struct icmp6hdr *icmph;
- struct raw6_sock *rp = raw6_sk(sk);
-
- if (pskb_may_pull(skb, sizeof(struct icmp6hdr))) {
- __u32 *data = &rp->filter.data[0];
- int bit_nr;
+ struct icmp6hdr *_hdr;
+ const struct icmp6hdr *hdr;
- icmph = (struct icmp6hdr *) skb->data;
- bit_nr = icmph->icmp6_type;
+ hdr = skb_header_pointer(skb, skb_transport_offset(skb),
+ sizeof(_hdr), &_hdr);
+ if (hdr) {
+ const __u32 *data = &raw6_sk(sk)->filter.data[0];
+ unsigned int type = hdr->icmp6_type;
- return (data[bit_nr >> 5] & (1 << (bit_nr & 31))) != 0;
+ return (data[type >> 5] & (1U << (type & 31))) != 0;
}
- return 0;
+ return 1;
}
#if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] ipv6: raw: fix icmpv6_filter()
2012-09-25 17:03 [PATCH] ipv6: raw: fix icmpv6_filter() Eric Dumazet
@ 2012-09-25 17:23 ` David Miller
0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2012-09-25 17:23 UTC (permalink / raw)
To: eric.dumazet; +Cc: netdev
From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Tue, 25 Sep 2012 19:03:40 +0200
> From: Eric Dumazet <edumazet@google.com>
>
> icmpv6_filter() should not modify its input, or else its caller
> would need to recompute ipv6_hdr() if skb->head is reallocated.
>
> Use skb_header_pointer() instead of pskb_may_pull() and
> change the prototype to make clear both sk and skb are const.
>
> Also, if icmpv6 header cannot be found, do not deliver the packet,
> as we do in IPv4.
>
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> ---
> Note: another patch is needed in mip6_mh_filter()
A rather pervasive issues, it appears.
Applied and queued up for -stable, thanks Eric.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-09-25 17:23 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-09-25 17:03 [PATCH] ipv6: raw: fix icmpv6_filter() Eric Dumazet
2012-09-25 17:23 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).