Re: [PATCH v2 06/25] tcp: authopt: Compute packet signatures
From: Dmitry Safonov
Date: Thu Nov 04 2021 - 22:08:47 EST
On 11/1/21 16:34, Leonard Crestez wrote:
[..]
> +/* Find TCP_AUTHOPT in header.
> + *
> + * Returns pointer to TCP_AUTHOPT or NULL if not found.
> + */
> +static u8 *tcp_authopt_find_option(struct tcphdr *th)
> +{
> + int length = (th->doff << 2) - sizeof(*th);
> + u8 *ptr = (u8 *)(th + 1);
> +
> + while (length >= 2) {
> + int opcode = *ptr++;
> + int opsize;
> +
> + switch (opcode) {
> + case TCPOPT_EOL:
> + return NULL;
> + case TCPOPT_NOP:
> + length--;
> + continue;
> + default:
> + if (length < 2)
> + return NULL;
^ never true, as checked by the loop condition
> + opsize = *ptr++;
> + if (opsize < 2)
> + return NULL;
> + if (opsize > length)
> + return NULL;
> + if (opcode == TCPOPT_AUTHOPT)
> + return ptr - 2;
> + }
> + ptr += opsize - 2;
> + length -= opsize;
> + }
> + return NULL;
> +}
Why copy'n'pasting tcp_parse_md5sig_option(), rather than adding a new
argument to the function?
Thanks,
Dmitry