[PATCH 4.8 21/45] GSO: Reload iph after pskb_may_pull
From: Greg Kroah-Hartman
Date: Fri Dec 09 2016 - 11:22:02 EST
4.8-stable review patch. If anyone has any objections, please let me know.
------------------
From: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
[ Upstream commit a510887824171ad260cc4a2603396c6247fdd091 ]
As it may get stale and lead to use after free.
Acked-by: Eric Dumazet <eric.dumazet@xxxxxxxxx>
Cc: Alexander Duyck <aduyck@xxxxxxxxxxxx>
Cc: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
Fixes: cbc53e08a793 ("GSO: Add GSO type for fixed IPv4 ID")
Signed-off-by: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
Acked-by: Alexander Duyck <alexander.h.duyck@xxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/ipv4/af_inet.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1237,7 +1237,7 @@ struct sk_buff *inet_gso_segment(struct
fixedid = !!(skb_shinfo(skb)->gso_type & SKB_GSO_TCP_FIXEDID);
/* fixed ID is invalid if DF bit is not set */
- if (fixedid && !(iph->frag_off & htons(IP_DF)))
+ if (fixedid && !(ip_hdr(skb)->frag_off & htons(IP_DF)))
goto out;
}