Re: [PATCH] Fix corruption of skb csum field in pskb_expand_head()of net/core/skbuff.c
From: David Miller
Date: Thu Jul 22 2010 - 16:28:13 EST
From: Andrea Shepard <andrea@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 22 Jul 2010 12:12:35 -0700
> Make pskb_expand_head() check ip_summed to make sure csum_start is really
> csum_start and not csum before adjusting it.
...
> Signed-off-by: Andrea Shepard <andrea@xxxxxxxxxxxxxxxxxxx>
Applied, but your email client corrupted tab characters into spaces so
I had to apply your patch by hand.
There is a similar bug in skb_copy_expand() so I fixed that too.
Thanks again.
--------------------
net: Fix skb_copy_expand() handling of ->csum_start
It should only be adjusted if ip_summed == CHECKSUM_PARTIAL.
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
---
net/core/skbuff.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index c699159..ce88293 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -932,7 +932,8 @@ struct sk_buff *skb_copy_expand(const struct sk_buff *skb,
copy_skb_header(n, skb);
off = newheadroom - oldheadroom;
- n->csum_start += off;
+ if (n->ip_summed == CHECKSUM_PARTIAL)
+ n->csum_start += off;
#ifdef NET_SKBUFF_DATA_USES_OFFSET
n->transport_header += off;
n->network_header += off;
--
1.7.1.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/