Hi,
Please consider applying (or droping).
Thank you.
Description: This patch prevent drivers from calling eth_header with a 802.3
frame using a len>1536. In such a case returns -EINVAL, which was hard to
choose because the ETH_HLEN is supposed to return.
Signed-off-by: Vicente Feito <[EMAIL PROTECTED]>
--- linux-2.6.12-rc1-mm1/net/ethernet/eth.c.orig 2005-03-22 12:49:08.000000000 +0000
+++ linux-2.6.12-rc1-mm1/net/ethernet/eth.c 2005-03-22 12:49:36.000000000 +0000
@@ -78,6 +78,8 @@ int eth_header(struct sk_buff *skb, stru
{
struct ethhdr *eth = (struct ethhdr *)skb_push(skb,ETH_HLEN);
+ if (type == ETH_P_802_3 && len >= 1536)
+ return -EINVAL;
/*
* Set the protocol type. For a packet of type ETH_P_802_3 we put the length
* in here instead. It is up to the 802.2 layer to carry protocol information.
