linux/include/net/netfilter
Patrick McHardy f4a87e7bd2 netfilter: synproxy: fix BUG_ON triggered by corrupt TCP packets
TCP packets hitting the SYN proxy through the SYNPROXY target are not
validated by TCP conntrack. When th->doff is below 5, an underflow happens
when calculating the options length, causing skb_header_pointer() to
return NULL and triggering the BUG_ON().

Handle this case gracefully by checking for NULL instead of using BUG_ON().

Reported-by: Martin Topholm <mph@one.com>
Tested-by: Martin Topholm <mph@one.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-09-30 12:44:38 +02:00
..
ipv4 netfilter: nf_ct_icmp: keep the ICMP ct entries longer 2009-06-08 15:53:43 +02:00
ipv6 netfilter: fix compilation when conntrack is disabled but tproxy is enabled 2011-01-12 20:25:08 +01:00
nf_conntrack_acct.h netfilter: nf_ct_acct: move initialization out of pernet_operations 2013-01-23 12:55:29 +01:00
nf_conntrack_core.h netfilter: nf_conntrack: speed up module removal path if netns in use 2013-03-19 17:08:31 +01:00
nf_conntrack_ecache.h netfilter: nf_ct_ecache: move initialization out of pernet_operations 2013-01-23 12:55:50 +01:00
nf_conntrack_expect.h netfilter: rename netlink related "pid" variables to "portid" 2013-04-19 14:58:36 -04:00
nf_conntrack_extend.h netfilter: nf_conntrack: use RCU safe kfree for conntrack extensions 2013-09-13 11:58:40 +02:00
nf_conntrack_helper.h netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_l3proto.h netfilter: nf_conntrack: refactor l3proto support for netns 2013-01-23 14:39:20 +01:00
nf_conntrack_l4proto.h netfilter: nf_conntrack: remove net_ratelimit() for LOG_INVALID() 2013-07-31 16:37:27 +02:00
nf_conntrack_labels.h netfilter: nf_ct_labels: move initialization out of pernet_operations 2013-01-23 12:56:23 +01:00
nf_conntrack_seqadj.h netfilter: add SYNPROXY core/target 2013-08-28 00:27:54 +02:00
nf_conntrack_synproxy.h netfilter: synproxy: fix BUG_ON triggered by corrupt TCP packets 2013-09-30 12:44:38 +02:00
nf_conntrack_timeout.h netfilter: nf_ct_timeout: move initialization out of pernet_operations 2013-01-23 12:56:02 +01:00
nf_conntrack_timestamp.h netfilter: nf_ct_tstamp: move initialization out of pernet_operations 2013-01-23 12:55:39 +01:00
nf_conntrack_tuple.h netfilter: nf_nat: export NAT definitions to userspace 2011-12-23 14:36:43 +01:00
nf_conntrack_zones.h netfilter: nf_defrag_ipv4: fix compilation error with NF_CONNTRACK=n 2010-02-18 19:04:44 +01:00
nf_conntrack.h netfilter: nf_conntrack: don't send destroy events from iterator 2013-08-09 12:03:33 +02:00
nf_log.h netfilter: log: netns NULL ptr bug when calling from conntrack 2013-05-15 14:11:07 +02:00
nf_nat_core.h netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_helper.h netfilter: nf_conntrack: make sequence number adjustments usuable without NAT 2013-08-28 00:26:48 +02:00
nf_nat_l3proto.h netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
nf_nat_l4proto.h netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
nf_nat.h netfilter: nf_conntrack: make sequence number adjustments usuable without NAT 2013-08-28 00:26:48 +02:00
nf_queue.h netfilter: move skb_gso_segment into nfnetlink_queue module 2013-04-29 20:09:05 +02:00
nfnetlink_log.h netfilter: log: netns NULL ptr bug when calling from conntrack 2013-05-15 14:11:07 +02:00
nfnetlink_queue.h netfilter: nfnetlink_queue: allow to attach expectations to conntracks 2013-08-13 16:32:10 +02:00
xt_log.h netfilter: xt_LOG: don't use xchg() for simple assignment 2012-03-26 14:00:28 +02:00
xt_rateest.h net_sched: add 64bit rate estimators 2013-06-11 02:51:03 -07:00