Skip to content

Commit

Permalink
GSO: Reload iph after pskb_may_pull
Browse files Browse the repository at this point in the history 
As it may get stale and lead to use after free.

Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Alexander Duyck <aduyck@mirantis.com>
Cc: Andrey Konovalov <andreyknvl@google.com>
Fixes: cbc53e0 ("GSO: Add GSO type for fixed IPv4 ID")
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Acked-by: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Arnaldo Carvalho de Melo authored and David S. Miller committed Nov 30, 2016
1 parent 725cbb6 commit a510887
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/ipv4/af_inet.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1233,7 +1233,7 @@ struct sk_buff *inet_gso_segment(struct sk_buff *skb,
fixedid = !!(skb_shinfo(skb)->gso_type & SKB_GSO_TCP_FIXEDID);

/* fixed ID is invalid if DF bit is not set */
if (fixedid && !(iph->frag_off & htons(IP_DF)))
if (fixedid && !(ip_hdr(skb)->frag_off & htons(IP_DF)))
goto out;
}

Expand Down

0 comments on commit a510887

Please sign in to comment.