On Thu, Jul 05, 2018 at 09:18:54AM +0200, Máté Eckl wrote:
> struct sock *
> -nf_tproxy_get_sock_v4(struct net *net, struct sk_buff *skb, void *hp,
> +nf_tproxy_get_sock_v4(struct net *net, struct sk_buff *skb,
> const u8 protocol,
> const __be32 saddr, const __be32 daddr,
> const __be16 sport, const __be16 dport,
> const struct net_device *in,
> const enum nf_tproxy_lookup_t lookup_type)
> {
> + struct tcphdr _hdr, *hp;
> struct sock *sk;
> - struct tcphdr *tcph;
>
> switch (protocol) {
> case IPPROTO_TCP:
> + hp = skb_header_pointer(skb, ip_hdrlen(skb),
> + sizeof(struct tcphdr), &_hdr);
> + if (hp == NULL) {
> + WARN_ON_ONCE(1);
No need for this WARN_ON_ONCE, I think this is possible with a
malformed TCP packet.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
