[stable] Patch "bridge: reset IPCB in br_parse_ip_options" has been added to the 2.6.38-stable tree

Tue, 19 Apr 2011 19:54:39 -0700 

This is a note to let you know that I've just added the patch titled

    bridge: reset IPCB in br_parse_ip_options

to the 2.6.38-stable tree which can be found at:
    
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     bridge-reset-ipcb-in-br_parse_ip_options.patch
and it can be found in the queue-2.6.38 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.


From f8e9881c2aef1e982e5abc25c046820cd0b7cf64 Mon Sep 17 00:00:00 2001
From: Eric Dumazet <[email protected]>
Date: Tue, 12 Apr 2011 13:39:14 -0700
Subject: bridge: reset IPCB in br_parse_ip_options
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From: Eric Dumazet <[email protected]>

commit f8e9881c2aef1e982e5abc25c046820cd0b7cf64 upstream.

Commit 462fb2af9788a82 (bridge : Sanitize skb before it enters the IP
stack), missed one IPCB init before calling ip_options_compile()

Thanks to Scot Doyle for his tests and bug reports.

Reported-by: Scot Doyle <[email protected]>
Signed-off-by: Eric Dumazet <[email protected]>
Cc: Hiroaki SHIMODA <[email protected]>
Acked-by: Bandan Das <[email protected]>
Acked-by: Stephen Hemminger <[email protected]>
Cc: Jan Lübbe <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
 net/bridge/br_netfilter.c |    6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -249,11 +249,9 @@ static int br_parse_ip_options(struct sk
                goto drop;
        }
 
-       /* Zero out the CB buffer if no options present */
-       if (iph->ihl == 5) {
-               memset(IPCB(skb), 0, sizeof(struct inet_skb_parm));
+       memset(IPCB(skb), 0, sizeof(struct inet_skb_parm));
+       if (iph->ihl == 5)
                return 0;
-       }
 
        opt->optlen = iph->ihl*4 - sizeof(struct iphdr);
        if (ip_options_compile(dev_net(dev), opt, skb))


Patches currently in stable-queue which might be from [email protected] are

_______________________________________________
stable mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/stable

Reply via email to