On Wed, Jul 04, 2018 at 07:34:54PM +0200, Pablo Neira Ayuso wrote:
> On Thu, Jun 28, 2018 at 01:34:42PM +0200, Máté Eckl wrote:
> > This patch fixes a silent out-of-bound read possibility that was present
> > because of the misuse of this function.
> >
> > Mostly it was called with a struct udphdr *hp which had only the udphdr
> > part linearized by the skb_header_pointer, however
> > nf_tproxy_get_sock_v{4,6} uses it as a tcphdr pointer, so some reads for
> > tcp specific attributes may be invalid.
>
> Applied, thanks.
Wait, I think this may break UDP traffic over tproxy.
If we get a UDP packet whose header + payload is smaller than the TCP
header, this will break things.
I'm keeping this back.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
