[072/114] act_nat: fix wild pointer

From: Greg KH
Date: Tue Aug 24 2010 - 19:03:16 EST

Next message: Greg KH: "[078/114] oprofile: add support for Intel processor model 30"
Previous message: Greg KH: "[073/114] Fix init ordering of /dev/console vs callers of modprobe"
In reply to: Greg KH: "[073/114] Fix init ordering of /dev/console vs callers of modprobe"
Next in thread: Greg KH: "[078/114] oprofile: add support for Intel processor model 30"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.6.35-stable review patch. If anyone has any objections, please let us know.

------------------

From: Changli Gao <xiaosuo@xxxxxxxxx>

[ Upstream commit 072d79a31a3b870b49886f4347e23f81b7eca3ac ]

pskb_may_pull() may change skb pointers, so adjust icmph after pskb_may_pull().

Signed-off-by: Changli Gao <xiaosuo@xxxxxxxxx>
Acked-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
---
net/sched/act_nat.c | 1 +
1 file changed, 1 insertion(+)

--- a/net/sched/act_nat.c
+++ b/net/sched/act_nat.c
@@ -218,6 +218,7 @@ static int tcf_nat(struct sk_buff *skb,
if (!pskb_may_pull(skb, ihl + sizeof(*icmph) + sizeof(*iph)))
goto drop;

+ icmph = (void *)(skb_network_header(skb) + ihl);
iph = (void *)(icmph + 1);
if (egress)
addr = iph->daddr;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[078/114] oprofile: add support for Intel processor model 30"
Previous message: Greg KH: "[073/114] Fix init ordering of /dev/console vs callers of modprobe"
In reply to: Greg KH: "[073/114] Fix init ordering of /dev/console vs callers of modprobe"
Next in thread: Greg KH: "[078/114] oprofile: add support for Intel processor model 30"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]