Re: [BK PATCH] Fix ip_conntrack_amanda data corruption bug thatbreaks amanda dumps

From: Henrik Nordstrom
Date: Fri Nov 05 2004 - 17:26:48 EST

Next message: Justin Thiessen: "Re: [PATCH] 2.6 lm85.c driver update"
Previous message: Adam Heath: "Re: support of older compilers"
In reply to: Patrick McHardy: "Re: [BK PATCH] Fix ip_conntrack_amanda data corruption bug that breaksamanda dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 5 Nov 2004, Pablo Neira wrote:

Patrick, what about this? this way we save a copy to a buffer for linear skbs.

You need to make sure you or any of the later string match/extract functions are not reading outside of the skb, after the current data segment.

From what I could tell this was missing in your proposed change. If the

helper sees a packet with a C as last byte it would read past the end of the skb, and without looking at the whole source I see it very likely there is operations on the data further down assuming a null terminated string..

Regards
Henrik
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Justin Thiessen: "Re: [PATCH] 2.6 lm85.c driver update"
Previous message: Adam Heath: "Re: support of older compilers"
In reply to: Patrick McHardy: "Re: [BK PATCH] Fix ip_conntrack_amanda data corruption bug that breaksamanda dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]