diff options
| author | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-08-27 15:06:01 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-08-27 15:06:01 -0700 |
| commit | 28d9aa613daa65b295a099a8433df97de1c56a2f (patch) | |
| tree | 8e7bf451f3390b926787d410c8d5df0454cbf16b /net/bridge/br_netfilter.c | |
| parent | d243769d3f83b318813a04a9592bb7cfedc6c280 (diff) | |
| parent | 10e2ff1c39e6d829379c7c5bb8f1c8f512f257c8 (diff) | |
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
[NET]: Mark Paul Moore as maintainer of labelled networking.
[VLAN/BRIDGE]: Fix "skb_pull_rcsum - Fatal exception in interrupt"
[ISDN]: Get rid of some pointless allocation casts in common and bsd comp.
[NET]: Avoid pointless allocation casts in BSD compression module
[IRDA]: Do not do pointless kmalloc return value cast in KingSun driver
[NET]: Fix crash in dev_mc_sync()/dev_mc_unsync()
[PPPOL2TP]: Fix endianness annotations.
[IOAT]: ioatdma needs to to play nice in a multi-dma-client world
[SLIP]: trivial sparse warning fix
[EQL]: sparse warning fix
[NET]: is_power_of_2 in net/core/neighbour.c
[TCP]: Describe tcp_init_cwnd() thoroughly in a comment.
[NET]: Fix IP_ADD/DROP_MEMBERSHIP to handle only connectionless
[KBUILD]: Sanitize tc_ematch headers.
[IPSEC] AH4: Update IPv4 options handling to conform to RFC 4302.
Diffstat (limited to 'net/bridge/br_netfilter.c')
| -rw-r--r-- | net/bridge/br_netfilter.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index fa779874b9d..3ee2022928e 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c @@ -509,8 +509,14 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, int (*okfn)(struct sk_buff *)) { struct iphdr *iph; - __u32 len; struct sk_buff *skb = *pskb; + __u32 len = nf_bridge_encap_header_len(skb); + + if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) + return NF_STOLEN; + + if (unlikely(!pskb_may_pull(skb, len))) + goto out; if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb) || IS_PPPOE_IPV6(skb)) { @@ -518,8 +524,6 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, if (!brnf_call_ip6tables) return NF_ACCEPT; #endif - if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL) - goto out; nf_bridge_pull_encap_header_rcsum(skb); return br_nf_pre_routing_ipv6(hook, skb, in, out, okfn); } @@ -532,8 +536,6 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, !IS_PPPOE_IP(skb)) return NF_ACCEPT; - if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL) - goto out; nf_bridge_pull_encap_header_rcsum(skb); if (!pskb_may_pull(skb, sizeof(struct iphdr))) |