TCP: Make sure write_queue_from does not begin with NULL ptr (CVE-2007-5501)

TCP: Make sure write_queue_from does not begin with NULL ptr (CVE-2007-5501)

patch 96a2d41a3e495734b63bff4e5dd0112741b93b38 in mainline.

NULL ptr can be returned from tcp_write_queue_head to cached_skb
and then assigned to skb if packets_out was zero. Without this,
system is vulnerable to a carefully crafted ACKs which obviously
is remotely triggerable.

Besides, there's very little that needs to be done in sacktag
if there weren't any packets outstanding, just skipping the rest
doesn't hurt.

Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>