On Mon, 30 Sep 2013, Patrick McHardy wrote:
TCP packets hitting the SYN proxy through the SYNPROXY target are not validated by TCP conntrack. When th->doff is below 5, an underflow happens when calculating the options length, causing skb_header_pointer() to return NULL and triggering the BUG_ON(). Handle this case gracefully by checking for NULL instead of using BUG_ON(). Reported-by: Martin Topholm <mph@xxxxxxx> Tested-by: Martin Topholm <mph@xxxxxxx> Signed-off-by: Patrick McHardy <kaber@xxxxxxxxx> ---
Acked-by: Jesper Dangaard Brouer <brouer@xxxxxxxxxx> Thanks for fixing this! Cheers, Jesper Brouer -- ------------------------------------------------------------------- MSc. Master of Computer Science Dept. of Computer Science, University of Copenhagen Author of http://www.adsl-optimizer.dk ------------------------------------------------------------------- -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
