projects / deliverable / linux.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
[IPv6] ESP: Discard dummy packets introduced in rfc4303
[deliverable/linux.git] / net / ipv6 / esp6.c
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 7db66f10e00d18f80d705fd83459ac5aec43f327..44405325467626a5ca473ef647872ec8cdb14753 100644 (file)
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -230,6 +230,12 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
                }
                /* ... check padding bits here. Silly. :-) */
 
+               /* RFC4303: Drop dummy packets without any error */
+               if (nexthdr[1] == IPPROTO_NONE) {
+                       ret = -EINVAL;
+                       goto out;
+               }
+
                pskb_trim(skb, skb->len - alen - padlen - 2);
                ret = nexthdr[1];
        }
Linux kernel - Deliverables
This page took 0.028315 seconds and 5 git commands to generate.