Lucid CVE-2012-3412
Herton Ronaldo Krzesinski
herton.krzesinski at canonical.com
Fri Aug 24 15:05:31 UTC 2012
On Fri, Aug 24, 2012 at 07:58:34AM -0600, Tim Gardner wrote:
> static inline int netif_needs_gso(struct net_device *dev, struct sk_buff *skb)
> {
> + if (skb_is_gso(skb) &&
> + skb_shinfo(skb)->gso_segs > skb->dev->gso_max_segs)
> + return 0;
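Review bot: the added early exit returns 0 from netif_needs_gso() when skb_shinfo(skb)->gso_segs exceeds gso_max_segs. Going by the function's name, that tells the caller software segmentation is not needed for exactly the packets that are over the device limit. This looks inverted; returning 1 on this branch would match the intent. The check also reads skb->dev->gso_max_segs although dev is already passed in as a parameter. Use dev->gso_max_segs so the limit comes from the device the caller asked about, and add a short comment above the check stating what an over-limit skb is supposed to do.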
Shouldn't it be return 1 here? If the condition is true, we would clear the
flags from features. If flags are cleared, when calling skb_gso_ok:
net_gso_ok would always return 0
skb_gso_ok would always return 0
netif_needs_gso returns 1 because it does !skb_gso_ok
Unless I'm missing something here. Anyway, hard to read these functions...
I think just copying/clearing the flags and passing through skb_gso_ok
would be better.
--
[]'s
Herton