esp4: add length check for UDP encapsulation - kernel/linux.git

diff options

author	Sabrina Dubroca <sd@queasysnail.net>	2019-03-25 16:30:00 +0300
committer	Steffen Klassert <steffen.klassert@secunet.com>	2019-03-26 10:39:30 +0300
commit	8dfb4eba4100e7cdd161a8baef2d8d61b7a7e62e (patch)
tree	47012e3eeefbbbaf24cd5908f2e55b7335e52327 /net/xfrm/xfrm_policy.c
parent	dbb2483b2a46fbaf833cfb5deb5ed9cace9c7399 (diff)
download	linux-8dfb4eba4100e7cdd161a8baef2d8d61b7a7e62e.tar.xz

esp4: add length check for UDP encapsulation

esp_output_udp_encap can produce a length that doesn't fit in the 16 bits of a UDP header's length field. In that case, we'll send a fragmented packet whose length is larger than IP_MAX_MTU (resulting in "Oversized IP packet" warnings on receive) and with a bogus UDP length. To prevent this, add a length check to esp_output_udp_encap and return -EMSGSIZE on failure. This seems to be older than git history. Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

Diffstat (limited to 'net/xfrm/xfrm_policy.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: