Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Unverified Commit 59debaa2 authored by Stanislav Fomichev's avatar Stanislav Fomichev Committed by basamaryan
Browse files

UPSTREAM: net/flow_dissector: correctly cap nhoff and thoff in case of BPF 



We want to make sure that the following condition holds:
0 <= nhoff <= thoff <= skb->len

BPF program can set out-of-bounds nhoff and thoff, which is dangerous, see
recent commit d0c081b49137 ("flow_dissector: properly cap thoff field")'.

Change-Id: Ib698bb051c4043ebb841283f23f6a4e4c787613b
Signed-off-by: default avatarStanislav Fomichev <sdf@google.com>
Acked-by: default avatarSong Liu <songliubraving@fb.com>
Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parent cd4501aa
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment