From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 25 Jul 2013 08:37:49 +0000 (+0200)
Subject: netfilter: xt_TCPMSS: fix handling of malformed TCP header and options
X-Git-Tag: v3.11-rc6~11^2~26^2~3
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=71ffe9c77dd7a2b62207953091efa8dafec958dd;p=pandora-kernel.git

netfilter: xt_TCPMSS: fix handling of malformed TCP header and options

Make sure the packet has enough room for the TCP header and
that it is not malformed.

While at it, store tcph->doff*4 in a variable, as it is used
several times.

This patch also fixes a possible off by one in case of malformed
TCP options.

Reported-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

Reading git-diff-tree failed