From: Daniel Borkmann <dborkman@redhat.com>
Date: Fri, 20 Dec 2013 10:23:15 +0000 (+0100)
Subject: netfilter: nft_exthdr: call ipv6_find_hdr() with explicitly initialized offset
X-Git-Tag: v3.13-rc7~13^2~7^2~6
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=540436c80e5918dd5ed838449e108b1726fc4d68;p=pandora-kernel.git

netfilter: nft_exthdr: call ipv6_find_hdr() with explicitly initialized offset

In nft's nft_exthdr_eval() routine we process IPv6 extension header
through invoking ipv6_find_hdr(), but we call it with an uninitialized
offset variable that contains some stack value. In ipv6_find_hdr()
we then test if the value of offset != 0 and call skb_header_pointer()
on that offset in order to map struct ipv6hdr into it. Fix it up by
initializing offset to 0 as it was probably intended to be.

Fixes: 96518518cc41 ("netfilter: add nftables")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

Reading git-diff-tree failed