linux-sg2042/net/ipv4
Jozsef Kadlecsik 07153c6ec0 netfilter: nf_ct_ipv4: packets with wrong ihl are invalid
It was reported that the Linux kernel sometimes logs:

klogd: [2629147.402413] kernel BUG at net / netfilter /
nf_conntrack_proto_tcp.c: 447!
klogd: [1072212.887368] kernel BUG at net / netfilter /
nf_conntrack_proto_tcp.c: 392

ipv4_get_l4proto() in nf_conntrack_l3proto_ipv4.c and tcp_error() in
nf_conntrack_proto_tcp.c should catch malformed packets, so the errors
at the indicated lines - TCP options parsing - should not happen.
However, tcp_error() relies on the "dataoff" offset to the TCP header,
calculated by ipv4_get_l4proto().  But ipv4_get_l4proto() does not check
bogus ihl values in IPv4 packets, which then can slip through tcp_error()
and get caught at the TCP options parsing routines.

The patch fixes ipv4_get_l4proto() by invalidating packets with bogus
ihl value.

The patch closes netfilter bugzilla id 771.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-04-10 12:50:49 +02:00
..
netfilter netfilter: nf_ct_ipv4: packets with wrong ihl are invalid 2012-04-10 12:50:49 +02:00
Kconfig net: Fix build regression when INET_UDP_DIAG=y and IPV6=m 2012-02-07 13:35:28 -05:00
Makefile tcp memory pressure controls 2011-12-12 19:04:10 -05:00
af_inet.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ah4.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
arp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
cipso_ipv4.c ipv4: Convert call_rcu() to kfree_rcu(), drop opt_kfree_rcu() 2012-02-21 09:03:31 -08:00
datagram.c ipv4: Lock socket and use cork flow in ip4_datagram_connect(). 2011-05-08 13:48:57 -07:00
devinet.c Disintegrate and delete asm/system.h 2012-03-28 15:58:21 -07:00
esp4.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
fib_frontend.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
fib_lookup.h ipv4: Fix nexthop caching wrt. scoping. 2011-03-24 18:06:47 -07:00
fib_rules.c net: ipv4: export fib_lookup and fib_table_lookup 2011-12-04 22:43:33 +01:00
fib_semantics.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
fib_trie.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
gre.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
icmp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
igmp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
inet_connection_sock.c tcp: bind() optimize port allocation 2012-01-25 21:50:43 -05:00
inet_diag.c netlink: add netlink_dump_control structure for netlink_dump_start() 2012-02-26 14:10:06 -05:00
inet_fragment.c net/ipv4: EXPORT_SYMBOL cleanups 2010-07-12 12:57:54 -07:00
inet_hashtables.c net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
inet_lro.c net: add skb frag size accessors 2011-10-19 03:10:46 -04:00
inet_timewait_sock.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
inetpeer.c route: Remove redirect_genid 2012-03-08 00:30:32 -08:00
ip_forward.c ipv4: Save nexthop address of LSRR/SSRR option to IPCB. 2011-11-23 19:19:32 -05:00
ip_fragment.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
ip_gre.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
ip_input.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ip_options.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
ip_output.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
ip_sockglue.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-03-20 21:04:47 -07:00
ipcomp.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
ipconfig.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
ipip.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
ipmr.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
netfilter.c netfilter: possible unaligned packet header in ip_route_me_harder 2011-11-21 18:46:18 +01:00
ping.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
proc.c tcp: reduce out_of_order memory use 2012-03-19 16:53:08 -04:00
protocol.c net: add __rcu annotations to protocol 2010-10-27 11:37:31 -07:00
raw.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
route.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-02 17:53:39 -07:00
syncookies.c tcp: fix syncookie regression 2012-03-11 15:52:12 -07:00
sysctl_net_ipv4.c tcp: properly initialize tcp memory limits 2012-02-02 14:34:41 -05:00
tcp.c tcp: tcp_sendpages() should call tcp_push() once 2012-04-05 19:04:27 -04:00
tcp_bic.c tcp: fix undo after RTO for BIC 2012-01-20 14:17:26 -05:00
tcp_cong.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
tcp_cubic.c tcp: fix undo after RTO for CUBIC 2012-01-20 14:17:26 -05:00
tcp_diag.c inet_diag: Rename inet_diag_req into inet_diag_req_v2 2012-01-11 12:56:06 -08:00
tcp_highspeed.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_htcp.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_hybla.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_illinois.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_input.c tcp: reduce out_of_order memory use 2012-03-19 16:53:08 -04:00
tcp_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-03-18 23:29:41 -04:00
tcp_lp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
tcp_memcontrol.c Merge branch 'for-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup 2012-03-20 18:11:21 -07:00
tcp_minisocks.c tcp: md5: rcu conversion 2012-01-31 12:14:00 -05:00
tcp_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-02-04 16:39:32 -05:00
tcp_probe.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
tcp_scalable.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_timer.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
tcp_vegas.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_vegas.h
tcp_veno.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_westwood.c tcp: mark tcp_congestion_ops read_mostly 2011-03-10 00:40:17 -08:00
tcp_yeah.c Fix common misspellings 2011-03-31 11:26:23 -03:00
tunnel4.c net: Convert printks to pr_<level> 2012-03-11 23:42:51 -07:00
udp.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
udp_diag.c net: kill duplicate included header 2012-01-17 10:31:12 -05:00
udp_impl.h net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
udplite.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00
xfrm4_input.c net/ipv4: EXPORT_SYMBOL cleanups 2010-07-12 12:57:54 -07:00
xfrm4_mode_beet.c ipsec: be careful of non existing mac headers 2012-02-23 16:50:45 -05:00
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c ipsec: be careful of non existing mac headers 2012-02-23 16:50:45 -05:00
xfrm4_output.c xfrm4: Don't call icmp_send on local error 2011-07-01 17:33:19 -07:00
xfrm4_policy.c ipv4: fix ipsec forward performance regression 2011-10-24 03:01:22 -04:00
xfrm4_state.c net: Add export.h for EXPORT_SYMBOL/THIS_MODULE to non-modules 2011-10-31 19:30:30 -04:00
xfrm4_tunnel.c net: ipv4: Standardize prefixes for message logging 2012-03-12 17:05:21 -07:00