linux/net
Pablo Neira Ayuso a206bcb3b0 netfilter: xt_TCPOPTSTRIP: fix possible off by one access
Fix a possible off by one access since optlen()
touches opt[offset+1] unsafely when i == tcp_hdrlen(skb) - 1.

This patch replaces tcp_hdrlen() by the local variable tcp_hdrlen
that stores the TCP header length, to save some cycles.

Reported-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-08-01 11:45:15 +02:00
..
9p Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-07-13 17:42:22 -07:00
802 net/802/mrp: fix lockdep splat 2013-05-14 13:02:30 -07:00
8021q vlan: fix a race in egress prio management 2013-07-18 13:07:13 -07:00
appletalk net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
atm net: always pass struct netdev_notifier_info to netdevice notifiers 2013-05-28 21:58:54 -07:00
ax25 net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
batman-adv net: Unmap fragment page once iterator is done 2013-06-24 01:46:01 -07:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-07-09 18:24:39 -07:00
bridge bridge: do not call setup_timer() multiple times 2013-07-19 22:12:42 -07:00
caif net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
can net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
ceph libceph: call r_unsafe_callback when unsafe reply is received 2013-07-03 15:32:58 -07:00
core neigh: prevent overflowing params in /proc/sys/net/ipv4/neigh/ 2013-07-26 14:22:10 -07:00
dcb rtnetlink: Remove passing of attributes into rtnl_doit functions 2013-03-22 10:31:16 -04:00
dccp tcp: Remove TCPCT 2013-03-17 14:35:13 -04:00
decnet net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
dns_resolver net: strict_strtoul is obsolete, use kstrtoul instead 2013-07-12 16:09:14 -07:00
dsa dsa: fix freeing of sparse port allocation 2013-03-25 12:23:41 -04:00
ethernet net: Fix sysfs_format_mac() code duplication. 2013-07-16 17:09:22 -07:00
ieee802154 net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
ipv4 fib_trie: potential out of bounds access in trie_show_stats() 2013-07-24 16:05:14 -07:00
ipv6 ipv6: take rtnl_lock and mark mrt6 table as freed on namespace cleanup 2013-07-24 17:02:13 -07:00
ipx net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
irda net/irda: fixed style issues in irlan_eth 2013-07-16 12:16:03 -07:00
iucv net: delete __cpuinit usage from all net files 2013-07-14 19:36:58 -04:00
key af_key: more info leaks in pfkey messages 2013-07-30 16:26:16 -07:00
l2tp l2tp: make datapath resilient to packet loss when sequence numbers enabled 2013-07-02 16:33:25 -07:00
lapb
llc llc: Fix missing msg_namelen update in llc_ui_recvmsg() 2013-04-07 16:28:01 -04:00
mac80211 mac80211/minstrel: fix NULL pointer dereference issue 2013-07-16 17:48:14 +03:00
mac802154 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-04-30 03:55:20 -04:00
mpls MPLS: Add limited GSO support 2013-05-27 22:50:59 -07:00
netfilter netfilter: xt_TCPOPTSTRIP: fix possible off by one access 2013-08-01 11:45:15 +02:00
netlabel net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
netlink genetlink: fix usage of NLM_F_EXCL or NLM_F_REPLACE 2013-07-30 16:43:19 -07:00
netrom net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
nfc NFC: llcp: Fix the well known services endianness 2013-06-14 13:45:10 +02:00
openvswitch openvswitch: Add Kconfig dependency on GRE-DEMUX. 2013-07-01 13:19:43 -07:00
packet Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-06-19 16:49:39 -07:00
phonet net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
rds net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
rfkill Merge branch 'for-john' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next 2013-04-22 14:58:14 -04:00
rose net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
rxrpc Driver core patches for 3.9-rc1 2013-02-21 12:05:51 -08:00
sched net_sched: Fix stack info leak in cbq_dump_wrr(). 2013-07-30 00:16:21 -07:00
sctp net: sctp: confirm route during forward progress 2013-07-09 12:49:56 -07:00
sunrpc Merge branch 'for-3.11' of git://linux-nfs.org/~bfields/linux 2013-07-17 13:43:55 -07:00
tipc net/tipc: use %*phC to dump small buffers in hex form 2013-07-11 17:03:36 -07:00
unix Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-07-09 18:24:39 -07:00
vmw_vsock VSOCK: Fix VSOCK_HASH and VSOCK_CONN_HASH 2013-06-23 23:51:48 -07:00
wimax
wireless nl80211: fix the setting of RSSI threshold value for mesh 2013-07-16 09:55:58 +03:00
x25 x25: Fix broken locking in ioctl error paths. 2013-07-01 18:15:25 -07:00
xfrm Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2013-06-26 13:23:13 -07:00
compat.c net: Unbreak compat_sys_{send,recv}msg 2013-06-06 11:52:14 -07:00
Kconfig Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-07-09 18:24:39 -07:00
Makefile MPLS: Add limited GSO support 2013-05-27 22:50:59 -07:00
nonet.c
socket.c net: rename busy poll socket op and globals 2013-07-10 17:08:27 -07:00
sysctl_net.c