[ale] teardrop patch?
Michael H. Warfield
mhw at wittsend.com
Fri Nov 14 23:33:16 EST 1997
Dave Brooks enscribed thusly:
> ALE-
> I'm sure you've all seen the (As im sure by now) "teardrop"
> ip_fragmentation bug. Is there a patch for this as of now besides kernel
> 2.0.32?
It's a one line patch. Get the patch-2.1.63.gz file from
ftp.kernel.org, uncompress it, and search for the changes to ip_fragment.c.
That change can be applied to just about any version kernel...
Oh heck... Here it is...
+++ linux/net/ipv4/ip_fragment.c Thu Nov 6 15:02:38 1997
@@ -14,6 +14,7 @@
* Alan Cox : Split from ip.c , see ip_input.c for history.
* David S. Miller : Begin massive cleanup...
* Andi Kleen : Add sysctls.
+ * xxxx : Overlapfrag bug.
*/
#include <linux/types.h>
@@ -339,7 +340,7 @@
/* Copy the data portions of all fragments into the new buffer. */
fp = qp->fragments;
while(fp) {
- if(count+fp->len > skb->len) {
+ if (fp->len < 0 || count+fp->len > skb->len) {
NETDEBUG(printk(KERN_ERR "Invalid fragment list: "
"Fragment over size.\n"));
ip_free(qp);
> thanks,
> dave.
> --------------------------------
> Dave Brooks
> spork at chefmike.com
> http://spork.777.net
Mike
--
Michael H. Warfield | (770) 985-6132 | mhw at WittsEnd.com
(The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
More information about the Ale
mailing list