]> git.karo-electronics.de Git - karo-tx-linux.git/commitdiff
projects / karo-tx-linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2226d5b)
bridge: reset IPCB in br_parse_ip_options
authorEric Dumazet <eric.dumazet@gmail.com>
Tue, 12 Apr 2011 20:39:14 +0000 (13:39 -0700)
committerGreg Kroah-Hartman <gregkh@suse.de>
Thu, 21 Apr 2011 21:33:00 +0000 (14:33 -0700)
commit f8e9881c2aef1e982e5abc25c046820cd0b7cf64 upstream.

Commit 462fb2af9788a82 (bridge : Sanitize skb before it enters the IP
stack), missed one IPCB init before calling ip_options_compile()

Thanks to Scot Doyle for his tests and bug reports.

Reported-by: Scot Doyle <lkml@scotdoyle.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com>
Acked-by: Bandan Das <bandan.das@stratus.com>
Acked-by: Stephen Hemminger <shemminger@vyatta.com>
Cc: Jan Lübbe <jluebbe@debian.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
net/bridge/br_netfilter.c patch | blob | history

diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 49d50ea5dbbc6c1631391a3b2b7ee058e8c9d312..333bcaa1377c6d56c8cea72efc5209fa7f313caf 100644 (file)
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -249,11 +249,9 @@ static int br_parse_ip_options(struct sk_buff *skb)
                goto drop;
        }
 
-       /* Zero out the CB buffer if no options present */
-       if (iph->ihl == 5) {
-               memset(IPCB(skb), 0, sizeof(struct inet_skb_parm));
+       memset(IPCB(skb), 0, sizeof(struct inet_skb_parm));
+       if (iph->ihl == 5)
                return 0;
-       }
 
        opt->optlen = iph->ihl*4 - sizeof(struct iphdr);
        if (ip_options_compile(dev_net(dev), opt, skb))
Linux kernel for KaRo TX COM modules