Please sign in to comment.
ipv6: avoid overflow of offset in ip6_find_1stfragopt
In some cases, offset can overflow and can cause an infinite loop in ip6_find_1stfragopt(). Make it unsigned int to prevent the overflow, and cap it at IPV6_MAXPLEN, since packets larger than that should be invalid. This problem has been here since before the beginning of git history. Signed-off-by: Sabrina Dubroca <email@example.com> Acked-by: Hannes Frederic Sowa <firstname.lastname@example.org> Signed-off-by: David S. Miller <email@example.com>
- Loading branch information...