Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

openvswitch: Fix IPv6 exthdr handling with ct helpers.

Browse source 
Static code analysis reveals the following bug:

        net/openvswitch/conntrack.c:281 ovs_ct_helper()
        warn: unsigned 'protoff' is never less than zero.

This signedness bug breaks error handling for IPv6 extension headers when
using conntrack helpers. Fix the error by using a local signed variable.

Fixes:  cae3a26275: "openvswitch: Allow attaching helpers to ct
action"
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Joe Stringer 2015-09-14 11:14:50 -07:00 committed by David S. Miller
parent 37a1d3611c
commit cc5706056b
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
net/openvswitch/conntrack.c
View file

@ -275,13 +275,15 @@ static int ovs_ct_helper(struct sk_buff *skb, u16 proto)
case NFPROTO_IPV6: { case NFPROTO_IPV6: {
u8 nexthdr = ipv6_hdr(skb)->nexthdr; u8 nexthdr = ipv6_hdr(skb)->nexthdr;
__be16 frag_off; __be16 frag_off;
int ofs;
protoff = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), ofs = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr), &nexthdr,
&nexthdr, &frag_off); &frag_off);
if (protoff < 0 || (frag_off & htons(~0x7)) != 0) { if (ofs < 0 || (frag_off & htons(~0x7)) != 0) {
pr_debug("proto header not found\n"); pr_debug("proto header not found\n");
return NF_ACCEPT; return NF_ACCEPT;
} }
protoff = ofs;
break; break;
} }
default: default: