On Wed, Apr 24, 2013 at 03:17:26AM +0800, Marek Lindner wrote:
> On Sunday, April 21, 2013 00:17:33 Martin Hundebøll wrote:
>
>
> > + /* Make room for the rest of the fragments. */
> > + if (pskb_expand_head(skb_out, 0, size - skb->len, GFP_ATOMIC) < 0) {
> > + kfree_skb(skb_out);
> > + goto free;
> > + }
>
> If pskb_expand_head() really fails this function will lead to a crash because
> skb_out points to undefined memory.I'm not sure about this. pskb_expand_head() can only fail in the early phase and in that case it seems to return the original skb as it was. > > Btw, is pskb_expand_head() enough to handle all cases ? Did you try this with > a large (4000 bytes or more) packet ? > I don't personally see any problem with this. But maybe I am overlooking something..however, proper testing will make everybody happy :P -- Antonio Quartulli ..each of us alone is worth nothing.. Ernesto "Che" Guevara
signature.asc
Description: Digital signature
