Merge with Linux 2.2.8.

author: Ralf Baechle <ralf@linux-mips.org> 1999-06-13 16:29:25 +0000
committer: Ralf Baechle <ralf@linux-mips.org> 1999-06-13 16:29:25 +0000
commit: db7d4daea91e105e3859cf461d7e53b9b77454b2 (patch)
tree: 9bb65b95440af09e8aca63abe56970dd3360cc57 /net/ipv4/ip_fw.c
parent: 9c1c01ead627bdda9211c9abd5b758d6c687d8ac (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/net/ipv4/ip_fw.c b/net/ipv4/ip_fw.c
index cf2731df1..f3dbafc04 100644
--- a/net/ipv4/ip_fw.c
+++ b/net/ipv4/ip_fw.c
@@ -32,6 +32,8 @@
  * 3-Jan-1999:  Fixed serious procfs security hole -- users should never
  *              be allowed to view the chains!
  *              Marc Santoro <ultima@snicker.emoti.com>
+ * 29-Jan-1999: Locally generated bogus IPs dealt with, rather than crash
+ *              during dump_packet. --RR.
  */
 
 /*
@@ -1660,6 +1662,10 @@ int ipfw_input_check(struct firewall_ops *this, int pf, struct device *dev,
 int ipfw_output_check(struct firewall_ops *this, int pf, struct device *dev, 
 		      void *phdr, void *arg, struct sk_buff **pskb)
 {
+	/* Locally generated bogus packets by root. <SIGH>. */
+	if (((struct iphdr *)phdr)->ihl * 4 < sizeof(struct iphdr)
+	    || (*pskb)->len < sizeof(struct iphdr))
+		return FW_ACCEPT;
 	return ip_fw_check(phdr, dev->name,
 			   arg, IP_FW_OUTPUT_CHAIN, *pskb, SLOT_NUMBER(), 0);
 }
author	Ralf Baechle <ralf@linux-mips.org>	1999-06-13 16:29:25 +0000
committer	Ralf Baechle <ralf@linux-mips.org>	1999-06-13 16:29:25 +0000
commit	db7d4daea91e105e3859cf461d7e53b9b77454b2 (patch)
tree	9bb65b95440af09e8aca63abe56970dd3360cc57 /net/ipv4/ip_fw.c
parent	9c1c01ead627bdda9211c9abd5b758d6c687d8ac (diff)