linux/net/bridge
Patrick McHardy 42cf93cd46 [NETFILTER]: Fix bridge netfilter related in xfrm_lookup
The bridge-netfilter code attaches a fake dst_entry with dst->ops == NULL
to purely bridged packets. When these packets are SNATed and a policy
lookup is done, xfrm_lookup crashes because it tries to dereference
dst->ops.

Change xfrm_lookup not to dereference dst->ops before checking for the
DST_NOXFRM flag and set this flag in the fake dst_entry.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-02-23 16:10:51 -08:00
..
netfilter [NETFILTER]: Fix possible overflow in netfilters do_replace() 2006-02-04 23:51:25 -08:00
br_device.c
br_fdb.c
br_forward.c
br_if.c [BRIDGE]: fix error handling for add interface to bridge 2006-02-09 17:10:12 -08:00
br_input.c [BRIDGE]: fix for RCU and deadlock on device removal 2006-02-09 17:08:52 -08:00
br_ioctl.c [PATCH] capable/capability.h (net/) 2006-01-11 18:42:14 -08:00
br_netfilter.c [NETFILTER]: Fix bridge netfilter related in xfrm_lookup 2006-02-23 16:10:51 -08:00
br_notify.c
br_private_stp.h
br_private.h [BRIDGE]: fix error handling for add interface to bridge 2006-02-09 17:10:12 -08:00
br_stp_bpdu.c [BRIDGE]: fix for RCU and deadlock on device removal 2006-02-09 17:08:52 -08:00
br_stp_if.c [BRIDGE]: Fix deadlock in br_stp_disable_bridge 2006-02-15 01:47:48 -08:00
br_stp_timer.c
br_stp.c
br_sysfs_br.c [PATCH] capable/capability.h (net/) 2006-01-11 18:42:14 -08:00
br_sysfs_if.c [BRIDGE]: fix error handling for add interface to bridge 2006-02-09 17:10:12 -08:00
br.c
Kconfig
Makefile