mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-26 18:43:33 -05:00
netfilter: remove BUG_ON() after skb_header_pointer()
Several conntrack helpers and the TCP tracker assume that skb_header_pointer() never fails based on upfront header validation. Even if this should not ever happen, BUG_ON() is a too drastic measure, remove them. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
5e024c3254
commit
198ad97383
6 changed files with 21 additions and 7 deletions
|
@ -413,7 +413,10 @@ static int help(struct sk_buff *skb,
|
|||
|
||||
spin_lock_bh(&nf_ftp_lock);
|
||||
fb_ptr = skb_header_pointer(skb, dataoff, datalen, ftp_buffer);
|
||||
BUG_ON(fb_ptr == NULL);
|
||||
if (!fb_ptr) {
|
||||
spin_unlock_bh(&nf_ftp_lock);
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
|
||||
ends_in_nl = (fb_ptr[datalen - 1] == '\n');
|
||||
seq = ntohl(th->seq) + datalen;
|
||||
|
|
|
@ -146,7 +146,8 @@ static int get_tpkt_data(struct sk_buff *skb, unsigned int protoff,
|
|||
/* Get first TPKT pointer */
|
||||
tpkt = skb_header_pointer(skb, tcpdataoff, tcpdatalen,
|
||||
h323_buffer);
|
||||
BUG_ON(tpkt == NULL);
|
||||
if (!tpkt)
|
||||
goto clear_out;
|
||||
|
||||
/* Validate TPKT identifier */
|
||||
if (tcpdatalen < 4 || tpkt[0] != 0x03 || tpkt[1] != 0) {
|
||||
|
|
|
@ -143,7 +143,10 @@ static int help(struct sk_buff *skb, unsigned int protoff,
|
|||
spin_lock_bh(&irc_buffer_lock);
|
||||
ib_ptr = skb_header_pointer(skb, dataoff, skb->len - dataoff,
|
||||
irc_buffer);
|
||||
BUG_ON(ib_ptr == NULL);
|
||||
if (!ib_ptr) {
|
||||
spin_unlock_bh(&irc_buffer_lock);
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
|
||||
data = ib_ptr;
|
||||
data_limit = ib_ptr + skb->len - dataoff;
|
||||
|
|
|
@ -544,7 +544,9 @@ conntrack_pptp_help(struct sk_buff *skb, unsigned int protoff,
|
|||
|
||||
nexthdr_off = protoff;
|
||||
tcph = skb_header_pointer(skb, nexthdr_off, sizeof(_tcph), &_tcph);
|
||||
BUG_ON(!tcph);
|
||||
if (!tcph)
|
||||
return NF_ACCEPT;
|
||||
|
||||
nexthdr_off += tcph->doff * 4;
|
||||
datalen = tcplen - tcph->doff * 4;
|
||||
|
||||
|
|
|
@ -338,7 +338,8 @@ static void tcp_options(const struct sk_buff *skb,
|
|||
|
||||
ptr = skb_header_pointer(skb, dataoff + sizeof(struct tcphdr),
|
||||
length, buff);
|
||||
BUG_ON(ptr == NULL);
|
||||
if (!ptr)
|
||||
return;
|
||||
|
||||
state->td_scale =
|
||||
state->flags = 0;
|
||||
|
@ -394,7 +395,8 @@ static void tcp_sack(const struct sk_buff *skb, unsigned int dataoff,
|
|||
|
||||
ptr = skb_header_pointer(skb, dataoff + sizeof(struct tcphdr),
|
||||
length, buff);
|
||||
BUG_ON(ptr == NULL);
|
||||
if (!ptr)
|
||||
return;
|
||||
|
||||
/* Fast path for timestamp-only option */
|
||||
if (length == TCPOLEN_TSTAMP_ALIGNED
|
||||
|
|
|
@ -95,7 +95,10 @@ static int help(struct sk_buff *skb,
|
|||
|
||||
spin_lock_bh(&nf_sane_lock);
|
||||
sb_ptr = skb_header_pointer(skb, dataoff, datalen, sane_buffer);
|
||||
BUG_ON(sb_ptr == NULL);
|
||||
if (!sb_ptr) {
|
||||
spin_unlock_bh(&nf_sane_lock);
|
||||
return NF_ACCEPT;
|
||||
}
|
||||
|
||||
if (dir == IP_CT_DIR_ORIGINAL) {
|
||||
if (datalen != sizeof(struct sane_request))
|
||||
|
|
Loading…
Add table
Reference in a new issue