Re: [PATCH] netfilter: nft_exthdr: fix offset with ipv4_find_option()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Florian Westphal <fw@xxxxxxxxx> wrote:
> Alexey Kashavkin <akashavkin@xxxxxxxxx> wrote:
> > There is an incorrect calculation in the offset variable which causes the nft_skb_copy_to_reg() function to always return -EFAULT. Adding the start variable is redundant. In the __ip_options_compile() function the correct offset is specified when finding the function. There is no need to add the size of the iphdr structure to the offset.
> 
> Fixes: dbb5281a1f84 ("netfilter: nf_tables: add support for matching IPv4 options")

Patch is fine,

Reviewed-by: Florian Westphal <fw@xxxxxxxxx>
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux