mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-06 08:46:46 +00:00
Code Issues Releases Wiki Activity

mac802154: fix mac header length check

Browse source 
I got report about that sometimes the WARN_ON occurs there which should
never happen. I came to the conclusion that the mac header is there but
inside the headroom of skb. The skb->len information doesn't contain the
information about the headroom length and skb->len is lesser than two.

We check now if the skb_mac_header pointer is set and the room between
mac header pointer and tail pointer.

Signed-off-by: Alexander Aring <aar@pengutronix.de>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This commit is contained in:
Alexander Aring 2016-02-19 09:59:11 +01:00 committed by Marcel Holtmann
parent aff3eaa03d
commit 07b0188adf
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
include/net/mac802154.h
View file

@ -247,8 +247,9 @@ struct ieee802154_ops {
*/
static inline __le16 ieee802154_get_fc_from_skb(const struct sk_buff *skb)
{
/* return some invalid fc on failure */
if (unlikely(skb->len < 2)) {
/* check if we can fc at skb_mac_header of sk buffer */
if (unlikely(!skb_mac_header_was_set(skb) ||
(skb_tail_pointer(skb) - skb_mac_header(skb)) < 2)) {
WARN_ON(1);
return cpu_to_le16(0);
}