anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-21 20:14:56 +02:00
Code Issues Releases Wiki Activity

xt_ipv4options: fix an infinite loop

Browse Source
This commit is contained in:
Eivind Naess
2011-11-03 09:28:46 -07:00
committed by Jan Engelhardt
parent b0dc0e6f4c
commit 75cd1d7d6a
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
doc/changelog.txt
View File

@@ -5,6 +5,7 @@ Fixes:
- build: the code actually requires at least iptables 1.4.5 (would yield a - build: the code actually requires at least iptables 1.4.5 (would yield a
compile error otherwise), make sure configure checks for it; update INSTALL compile error otherwise), make sure configure checks for it; update INSTALL
- xt_ECHO: fix kernel warning about RTAX_HOPLIMIT being used - xt_ECHO: fix kernel warning about RTAX_HOPLIMIT being used
- xt_ipv4options: fix an infinite loop
Changes: Changes:
- xt_ECHO: now calculates UDP checksum - xt_ECHO: now calculates UDP checksum
Enhancements: Enhancements:

11
extensions/xt_ipv4options.c
View File

@@ -20,6 +20,17 @@ static uint32_t ipv4options_rd(const uint8_t *data, int len)
uint32_t opts = 0; uint32_t opts = 0;
while (len >= 2) { while (len >= 2) {
switch (data[0]) {
case IPOPT_END:
return opts;
case IPOPT_NOOP:
--len;
++data;
continue;
}
if (data[1] < 2 || data[1] > len)
return opts;
opts |= 1 << (data[0] & 0x1F); opts |= 1 << (data[0] & 0x1F);
len -= data[1]; len -= data[1];
data += data[1]; data += data[1];