Forgive me for possibly being a little stupid here (This is my first
patch to Linux so I am slightly over my head)
Is this issue not addressed above the file where the following check is done?
if (iphlen > length)
goto error_free;
On Sun, Oct 11, 2015 at 11:10 PM, Eric Dumazet
Nice!
That works in my head at least, Sorry about not seeing that fairly
glaring memory issue there.
Are you sure " skb->transport_header += iphlen; " won't have a knock
on affect when it's given to NF_HOOK ( as in, would a potential
userspace program get something it does not expect anymore ) ?
