patch-2.1.63 linux/net/ipv4/ip_fragment.c


diff -u --recursive --new-file v2.1.62/linux/net/ipv4/ip_fragment.c linux/net/ipv4/ip_fragment.c
@@ -14,6 +14,7 @@
  *		Alan Cox	:	Split from ip.c , see ip_input.c for history.
  *		David S. Miller :	Begin massive cleanup...
  *		Andi Kleen	:	Add sysctls.
+ *		xxxx		:	Overlapfrag bug.
  */
 
 #include <linux/types.h>
@@ -339,7 +340,7 @@
 	/* Copy the data portions of all fragments into the new buffer. */
 	fp = qp->fragments;
 	while(fp) {
-		if(count+fp->len > skb->len) {
+		if (fp->len < 0 || count+fp->len > skb->len) {
 			NETDEBUG(printk(KERN_ERR "Invalid fragment list: "
 					"Fragment over size.\n"));
 			ip_free(qp);
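Review bot: The added `fp->len < 0` test reuses the "Fragment over size." message on the next lines, so a negative-length fragment is logged as an oversize one and the two causes cannot be told apart in the log; a neutral text such as `"Invalid fragment list: bad fragment length.\n"` or a separate branch would keep the report accurate. The guard also needs a comment saying why a length can be negative at all, for example `/* len can go negative when an overlapping fragment is trimmed; never let it reach the copy */`, since the header entry only says "Overlapfrag bug". The length is presumably computed where fragments are queued, outside this hunk, and rejecting it there as well would keep a malformed entry off the list instead of catching it only at reassembly. The while loop's body continues past the end of the hunk.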
