www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Jason Wang <jasowang@redhat.com>
	Sun, 9 Oct 2011 02:56:44 +0000 (10:56 +0800)
committer	Maxim Uvarov <maxim.uvarov@oracle.com>
	Thu, 8 Dec 2011 19:16:14 +0000 (11:16 -0800)
commit	2c1d6eb118d6fe60e7bb849174eba10ee7886be1
tree	c4f59263aef70a44ec0ad1029b21b1c61a22db8c	tree
parent	4eedadb99860ae8d86e1c60b9bc200fd0a87de4c	commit \| diff

ipv6: fix NULL dereference in udp6_ufo_fragment()

This patch fixes the issue caused by ef81bb40bf15f350fe865f31fa42f1082772a576
which is a backport of upstream 87c48fa3b4630905f98268dde838ee43626a060c. The
problem does not exist in upstream.

We do not check whether route is attached before trying to assign ip
identification through route dest which lead NULL pointer dereference. This
happens when host bridge transmit a packet from guest.

This patch changes ipv6_select_ident() to accept in6_addr as its paramter and
fix the issue by using the destination address in ipv6 header when no route is
attached.

Signed-off-by: Jason Wang <jasowang@redhat.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

include/net/ipv6.h		diff \| blob \| history
net/ipv6/ip6_output.c		diff \| blob \| history
net/ipv6/udp.c		diff \| blob \| history