net/ipv4/ip_fragment.c | 2 +- 1 files changed, 1 insertion(+), 1 deletion(-)
New commits: commit 67c168fc52e3819c182581b9ccab917763491d4a Author: David Ford <[email protected]> Date: Sun Nov 29 23:02:22 2009 -0800 ipv4: additional update of dev_net(dev) to struct *net in ip_fragment.c, NULL ptr OOPS ipv4 ip_frag_reasm(), fully replace 'dev_net(dev)' with 'net', defined previously patched into 2.6.29. Between 2.6.28.10 and 2.6.29, net/ipv4/ip_fragment.c was patched, changing from dev_net(dev) to container_of(...). Unfortunately the goto section (out_fail) on oversized packets inside ip_frag_reasm() didn't get touched up as well. Oversized IP packets cause a NULL pointer dereference and immediate hang. I discovered this running openvasd and my previous email on this is titled: NULL pointer dereference at 2.6.32-rc8:net/ipv4/ip_fragment.c:566 Signed-off-by: David Ford <[email protected]> Signed-off-by: David S. Miller <[email protected]> http://suva.vyatta.com/git/?p=linux-vyatta.git;a=commitdiff;h=67c168fc52e3819c182581b9ccab917763491d4a _______________________________________________ svn mailing list [email protected] http://mailman.vyatta.com/mailman/listinfo/svn
