diff options
Diffstat (limited to 'net/ipv6')
-rw-r--r-- | net/ipv6/esp6.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c index 7db66f10e00..44405325467 100644 --- a/net/ipv6/esp6.c +++ b/net/ipv6/esp6.c @@ -230,6 +230,12 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb) } /* ... check padding bits here. Silly. :-) */ + /* RFC4303: Drop dummy packets without any error */ + if (nexthdr[1] == IPPROTO_NONE) { + ret = -EINVAL; + goto out; + } + pskb_trim(skb, skb->len - alen - padlen - 2); ret = nexthdr[1]; } |