linux/net
Amerigo Wang 5aa8b57200 pktgen: fix crash when generating IPv6 packets
For IPv6, sizeof(struct ipv6hdr) = 40, thus the following
expression will result negative:

        datalen = pkt_dev->cur_pkt_size - 14 -
                  sizeof(struct ipv6hdr) - sizeof(struct udphdr) -
                  pkt_dev->pkt_overhead;

And,  the check "if (datalen < sizeof(struct pktgen_hdr))" will be
passed as "datalen" is promoted to unsigned, therefore will cause
a crash later.

This is a quick fix by checking if "datalen" is negative. The following
patch will increase the default value of 'min_pkt_size' for IPv6.

This bug should exist for a long time, so Cc -stable too.

Cc: <stable@vger.kernel.org>
Cc: David S. Miller <davem@davemloft.net>
Signed-off-by: Cong Wang <amwang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-10-10 22:33:30 -04:00
..
9p Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
802
8021q vlan: don't deliver frames for unknown vlans to protocols 2012-10-08 15:21:55 -04:00
appletalk userns: Print out socket uids in a user namespace aware fashion. 2012-08-14 21:48:06 -07:00
atm net🏧fix up ENOIOCTLCMD error handling 2012-08-31 16:14:33 -04:00
ax25 userns: Convert net/ax25 to use kuid_t where appropriate 2012-08-14 21:49:42 -07:00
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-09-28 14:40:49 -04:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
bridge netlink: add attributes to fdb interface 2012-10-01 18:39:44 -04:00
caif caif: move the dereference below the NULL test 2012-09-10 16:13:31 -04:00
can sections: fix section conflicts in net/can 2012-10-06 03:04:45 +09:00
ceph rbtree: empty nodes have no color 2012-10-09 16:22:32 +09:00
core pktgen: fix crash when generating IPv6 packets 2012-10-10 22:33:30 -04:00
dcb netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
dccp dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO) 2012-08-15 21:36:31 -07:00
decnet sections: fix section conflicts in net 2012-10-06 03:04:45 +09:00
dns_resolver userns: net: Call key_alloc with GLOBAL_ROOT_UID, GLOBAL_ROOT_GID instead of 0, 0 2012-09-13 18:28:04 -07:00
dsa workqueue: deprecate flush[_delayed]_work_sync() 2012-08-20 14:51:24 -07:00
ethernet ipx: move peII functions 2012-07-19 10:48:00 -07:00
ieee802154 net/ieee802154/6lowpan.c: Remove unecessary semicolon 2012-09-18 16:08:19 -04:00
ipv4 ipv4: Add FLOWI_FLAG_KNOWN_NH 2012-10-08 17:42:36 -04:00
ipv6 ipv6: gro: fix PV6_GRO_CB(skb)->proto problem 2012-10-08 15:40:43 -04:00
ipx userns: Print out socket uids in a user namespace aware fashion. 2012-08-14 21:48:06 -07:00
irda silence some noisy printks in irda 2012-10-04 15:53:48 -04:00
iucv
key net/key/af_key.c: add range checks on ->sadb_x_policy_len 2012-10-01 17:15:06 -04:00
l2tp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-09-28 14:40:49 -04:00
lapb
llc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-10-02 11:11:09 -07:00
mac80211 mac80211: use ieee80211_free_txskb to fix possible skb leaks 2012-10-08 15:06:05 -04:00
mac802154
netfilter ipvs: fix ARP resolving for direct routing mode 2012-10-08 17:42:36 -04:00
netlabel Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
netlink netlink: add reference of module in netlink_dump_start 2012-10-07 00:30:56 -04:00
netrom net: change return values from -EACCES to -EPERM 2012-09-21 13:58:08 -04:00
nfc Remove noisy printks from llcp_sock_connect 2012-10-04 15:58:47 -04:00
openvswitch net/openvswitch/vport.c: Remove unecessary semicolon 2012-09-18 16:08:19 -04:00
packet Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-10-02 11:11:09 -07:00
phonet netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
rds RDS: fix rds-ping spinlock recursion 2012-10-09 13:57:23 -04:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
rose
rxrpc userns: net: Call key_alloc with GLOBAL_ROOT_UID, GLOBAL_ROOT_GID instead of 0, 0 2012-09-13 18:28:04 -07:00
sched Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-10-06 03:11:59 +09:00
sunrpc Merge branch 'for-3.7' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq 2012-10-02 09:54:49 -07:00
tipc tipc: prevent dropped connections due to rcvbuf overflow 2012-10-04 15:53:48 -04:00
unix af_unix: old_cred is surplus 2012-09-17 13:00:13 -04:00
wanrouter wanmain: comparing array with NULL 2012-07-24 13:55:21 -07:00
wimax
wireless Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next 2012-09-30 02:30:16 -04:00
x25
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
compat.c make get_file() return its argument 2012-09-26 21:10:25 -04:00
Kconfig net: Add INET dependency on aes crypto for the sake of TCP fastopen. 2012-09-04 14:20:14 -04:00
Makefile
nonet.c
socket.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2012-10-02 20:25:04 -07:00
sysctl_net.c