OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/ipv6/netfilter
History
Patrick McHardy 8fa9ff6849 netfilter: fix crashes in bridge netfilter caused by fragment jumps 
When fragments from bridge netfilter are passed to IPv4 or IPv6 conntrack
and a reassembly queue with the same fragment key already exists from
reassembling a similar packet received on a different device (f.i. with
multicasted fragments), the reassembled packet might continue on a different
codepath than where the head fragment originated. This can cause crashes
in bridge netfilter when a fragment received on a non-bridge device (and
thus with skb->nf_bridge == NULL) continues through the bridge netfilter
code.

Add a new reassembly identifier for packets originating from bridge
netfilter and use it to put those packets in insolated queues.

Fixes http://bugzilla.kernel.org/show_bug.cgi?id=14805

Reported-and-Tested-by: Chong Qiao <qiaochong@loongson.cn>
Signed-off-by: Patrick McHardy <kaber@trash.net>
 		2009-12-15 16:59:59 +01:00
..
Kconfig netfilter: trivial Kconfig spelling fixes 2009-03-24 13:35:27 -07:00
Makefile netfilter: Combine ipt_ttl and ip6t_hl source 2009-02-18 18:39:31 +01:00
ip6_queue.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
ip6_tables.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6t_LOG.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6t_REJECT.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6t_ah.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6t_eui64.c netfilter: ip6t_eui: fix read outside array bounds 2009-08-31 15:30:31 +02:00
ip6t_frag.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6t_hbh.c netfilter: xtables: move extension arguments into compound structure (2/6) 2008-10-08 11:35:18 +02:00
ip6t_ipv6header.c netfilter: ip6t_ipv6header: fix match on packets ending with NEXTHDR_NONE 2009-05-05 15:32:16 +02:00
ip6t_mh.c netfilter: xtables: move extension arguments into compound structure (2/6) 2008-10-08 11:35:18 +02:00
ip6t_rt.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6table_filter.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6table_mangle.c netfilter: net/ipv[46]/netfilter: Move && and || to end of previous line 2009-11-23 23:17:06 +01:00
ip6table_raw.c netfilter: xtables: mark initial tables constant 2009-08-24 14:56:30 +02:00
ip6table_security.c netfilter: xtables: mark initial tables constant 2009-08-24 14:56:30 +02:00
nf_conntrack_l3proto_ipv6.c netfilter: fix crashes in bridge netfilter caused by fragment jumps 2009-12-15 16:59:59 +01:00
nf_conntrack_proto_icmpv6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
nf_conntrack_reasm.c ipv6: reassembly: use seperate reassembly queues for conntrack and local delivery 2009-12-15 16:59:18 +01:00