git.openpandora.org / pandora-kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
net: flow_dissector: fail on evil iph->ihl
[pandora-kernel.git] / net / core / dev.c
diff --git a/net/core/dev.c b/net/core/dev.c
index ecf5ea2..7bcf37d 100644 (file)
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2609,6 +2609,8 @@ ip:
                        goto done;
 
                ip = (const struct iphdr *) (skb->data + nhoff);
+               if (ip->ihl < 5)
+                       goto done;
                if (ip_is_fragment(ip))
                        ip_proto = 0;
                else
Pandora Kernel Repository