android/android_kernel_asus_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_kernel_asus_sm8350/net/ipv6
History
Eric Dumazet fbfa743a9d ipv6: fix ip6_tnl_parse_tlv_enc_lim() 
This function suffers from multiple issues.

First one is that pskb_may_pull() may reallocate skb->head,
so the 'raw' pointer needs either to be reloaded or not used at all.

Second issue is that NEXTHDR_DEST handling does not validate
that the options are present in skb->data, so we might read
garbage or access non existent memory.

With help from Willem de Bruijn.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Dmitry Vyukov  <dvyukov@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-24 14:53:24 -05:00
..
ila
ila: Fix crash caused by rhashtable changes
2016-11-02 15:26:02 -04:00
netfilter
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
addrconf_core.c
ipv6: change ipv6_stub_impl.ipv6_dst_lookup to take net argument
2015-07-31 15:21:30 -07:00
addrconf.c
ipv6: addrconf: Avoid addrconf_disable_change() using RCU read-side lock
2017-01-19 11:08:53 -05:00
addrlabel.c
ipv6/addrlabel: fix ip6addrlbl_get()
2015-12-22 15:57:54 -05:00
af_inet6.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
ah6.c
net: inet: Support UID-based routing in IP protocols.
2016-11-04 14:45:23 -04:00
anycast.c
ipv6: coding style: comparison for equality with NULL
2015-03-31 13:51:54 -04:00
calipso.c
calipso: fix resource leak on calipso_genopt failure
2016-08-13 14:56:17 -07:00
datagram.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
esp6.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-12-03 12:29:53 -05:00
exthdrs_core.c
ipv6: constify the skb pointer of ipv6_find_tlv().
2016-06-27 15:06:15 -04:00
exthdrs_offload.c
ipv6: fix exthdrs offload registration in out_rt path
2015-09-02 15:31:00 -07:00
exthdrs.c
ktime: Get rid of the union
2016-12-25 17:21:22 +01:00
fib6_rules.c
net: flow: Add l3mdev flow update
2016-09-10 23:12:51 -07:00
fou6.c
fou: add Kconfig options for IPv6 support
2016-05-29 22:24:21 -07:00
icmp.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
inet6_connection_sock.c
inet: Fix get port to handle zero port number with soreuseport set
2016-12-17 11:13:19 -05:00
inet6_hashtables.c
inet: Fix missing return value in inet6_hash
2016-10-29 12:01:49 -04:00
ip6_checksum.c
ipv6: fix checksum annotation in udp6_csum_init
2016-06-14 15:26:42 -04:00
ip6_fib.c
ipv6: report NLM_F_CREATE and NLM_F_EXCL flags in RTM_NEWROUTE events
2016-09-09 16:50:23 -07:00
ip6_flowlabel.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
ip6_gre.c
ip6_tunnel: must reload ipv6h in ip6ip6_tnl_xmit()
2017-01-24 14:53:24 -05:00
ip6_icmp.c
ipv6: icmp: add a force_saddr param to icmp6_send()
2016-06-18 22:11:38 -07:00
ip6_input.c
net: vrf: ipv6 support for local traffic to local addresses
2016-06-08 00:25:38 -07:00
ip6_offload.c
gro: Disable frag0 optimization on IPv6 ext headers
2017-01-10 21:30:33 -05:00
ip6_offload.h
udp: Add GRO functions to UDP socket
2016-04-07 16:53:29 -04:00
ip6_output.c
ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output
2016-12-29 11:55:17 -05:00
ip6_tunnel.c
ipv6: fix ip6_tnl_parse_tlv_enc_lim()
2017-01-24 14:53:24 -05:00
ip6_udp_tunnel.c
ip6_udp_tunnel: remove unused IPCB related codes
2016-11-02 15:18:36 -04:00
ip6_vti.c
vti6: fix device register to report IFLA_INFO_KIND
2017-01-06 16:09:09 -05:00
ip6mr.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
ipcomp6.c
net: inet: Support UID-based routing in IP protocols.
2016-11-04 14:45:23 -04:00
ipv6_sockglue.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
Kconfig
ipv6: sr: add option to control lwtunnel support
2016-11-16 11:29:46 -05:00
Makefile
ipv6: sr: add option to control lwtunnel support
2016-11-16 11:29:46 -05:00
mcast_snoop.c
net: fix wrong skb_get() usage / crash in IGMP/MLD parsing code
2015-08-13 17:08:39 -07:00
mcast.c
mld: do not remove mld souce list info when set link down
2017-01-16 12:44:59 -05:00
mip6.c
ktime: Get rid of ktime_equal()
2016-12-25 17:21:23 +01:00
ndisc.c
ipv6 addrconf: Implemented enhanced DAD (RFC7527)
2016-12-03 23:21:37 -05:00
netfilter.c
net: inet: Support UID-based routing in IP protocols.
2016-11-04 14:45:23 -04:00
output_core.c
ipv6: Set skb->protocol properly for local output
2016-12-02 12:34:22 -05:00
ping.c
net: inet: Support UID-based routing in IP protocols.
2016-11-04 14:45:23 -04:00
proc.c
proc: Reduce cache miss in snmp6_seq_show
2016-09-30 01:50:44 -04:00
protocol.c
net: Export inet_offloads and inet6_offloads
2014-09-19 17:15:31 -04:00
raw.c
ipv6: handle -EFAULT from skb_copy_bits
2016-12-23 12:20:39 -05:00
reassembly.c
ipv6: on reassembly, record frag_max_size
2016-11-03 15:41:11 -04:00
route.c
lwtunnel: fix autoload of lwt modules
2017-01-18 17:07:14 -05:00
seg6_hmac.c
ipv6: sr: fix several BUGs when preemption is enabled
2017-01-13 12:29:55 -05:00
seg6_iptunnel.c
ipv6: sr: fix several BUGs when preemption is enabled
2017-01-13 12:29:55 -05:00
seg6.c
ipv6: seg6_genl_set_tunsrc() must check kmemdup() return value
2017-01-20 11:07:48 -05:00
sit.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
syncookies.c
tcp: randomize tcp timestamp offsets for each connection
2016-12-02 12:49:59 -05:00
sysctl_net_ipv6.c
calipso: Add a label cache.
2016-06-27 15:06:17 -04:00
tcp_ipv6.c
tcp: tsq: move tsq_flags close to sk_wmem_alloc
2016-12-05 13:32:24 -05:00
tcpv6_offload.c
tcp: cleanup static functions
2015-02-28 16:56:51 -05:00
tunnel6.c
ipv6: fix tunnel error handling
2015-11-03 10:52:13 -05:00
udp_impl.h
udplite: call proper backlog handlers
2016-11-24 15:32:14 -05:00
udp_offload.c
gso: Remove arbitrary checks for unsupported GSO
2016-05-20 18:03:15 -04:00
udp.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
udplite.c
udplite: call proper backlog handlers
2016-11-24 15:32:14 -05:00
xfrm6_input.c
vti6: fix input path
2016-09-21 10:09:14 +02:00
xfrm6_mode_beet.c
xfrm: simplify xfrm_address_t use
2015-03-31 13:58:35 -04:00
xfrm6_mode_ro.c
ipv4/ipv6: Fix FSF address in file headers
2013-12-06 12:37:56 -05:00
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c
ipv6: update skb->csum when CE mark is propagated
2016-01-15 15:07:23 -05:00
xfrm6_output.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2015-10-24 06:54:12 -07:00
xfrm6_policy.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-09-12 15:52:44 -07:00
xfrm6_protocol.c
xfrm6: Properly handle unsupported protocols
2014-05-06 07:08:38 +02:00
xfrm6_state.c
ipv6: White-space cleansing : Line Layouts
2014-08-24 22:37:52 -07:00
xfrm6_tunnel.c
netns: make struct pernet_operations::id unsigned int
2016-11-18 10:59:15 -05:00