commit | a206bcb3b02025b23137f3228109d72e0f835c05 | [log] [tgz] |
---|---|---|
author | Pablo Neira Ayuso <pablo@netfilter.org> | Thu Jul 25 10:46:46 2013 +0200 |
committer | Pablo Neira Ayuso <pablo@netfilter.org> | Thu Aug 01 11:45:15 2013 +0200 |
tree | 517502da0639006d869a3d407d78132c5acb3dea | |
parent | 71ffe9c77dd7a2b62207953091efa8dafec958dd [diff] |
netfilter: xt_TCPOPTSTRIP: fix possible off by one access Fix a possible off by one access since optlen() touches opt[offset+1] unsafely when i == tcp_hdrlen(skb) - 1. This patch replaces tcp_hdrlen() by the local variable tcp_hdrlen that stores the TCP header length, to save some cycles. Reported-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>