patch-2.2.14 linux/net/ipv4/ip_input.c
Next file: linux/net/ipv4/ip_masq.c
Previous file: linux/net/ipv4/ip_fw.c
Back to the patch index
Back to the overall index
- Lines: 28
- Date:
Tue Jan 4 10:12:26 2000
- Orig file:
v2.2.13/linux/net/ipv4/ip_input.c
- Orig date:
Tue Jan 4 11:10:43 2000
diff -u --recursive --new-file v2.2.13/linux/net/ipv4/ip_input.c linux/net/ipv4/ip_input.c
@@ -97,6 +97,7 @@
* Alan Cox : Multicast routing hooks
* Jos Vos : Do accounting *before* call_in_firewall
* Willy Konynenberg : Transparent proxying support
+ * Stephan Uphoff : Check IP header length field
*
*
*
@@ -421,12 +422,19 @@
if (skb->len < sizeof(struct iphdr))
goto inhdr_error;
+
+ if (skb->len < (iph->ihl << 2))
+ goto inhdr_error;
+
if (iph->ihl < 5 || iph->version != 4 || ip_fast_csum((u8 *)iph, iph->ihl) != 0)
goto inhdr_error;
{
__u32 len = ntohs(iph->tot_len);
if (skb->len < len)
+ goto inhdr_error;
+
+ if (len < (iph->ihl << 2))
goto inhdr_error;
/*
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)