Google Git
Sign in
android / kernel / msm.git / 0c2304aefb902cbc37b17053c5e22daa7417c50f
commit0c2304aefb902cbc37b17053c5e22daa7417c50f[log] [tgz]
authorShreyansh Chouhan <chouhan.shreyansh630@gmail.com>Sat Aug 21 12:44:24 2021 +0530
committerEva Huang <evahuang@google.com>Mon Nov 01 10:30:54 2021 +0800
treecc452db3f2730c1aa6aa0815198c225aa162a884
parent231ca22bdf24c587c5bc8dc6ed0e0ac16d773970 [diff]
ip_gre: add validation for csum_start

[ Upstream commit 1d011c4803c72f3907eccfc1ec63caefb852fcbf ]

Validate csum_start in gre_handle_offloads before we call _gre_xmit so
that we do not crash later when the csum_start value is used in the
lco_csum function call.

This patch deals with ipv4 code.

Bug: 150694665
Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.")
Reported-by: syzbot+ff8e1b9f2f36481e2efc@syzkaller.appspotmail.com
Signed-off-by: Shreyansh Chouhan <chouhan.shreyansh630@gmail.com>
Reviewed-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Change-Id: If54a12b14b667d46532326e885c39fec52dfe442
1 file changed
tree: cc452db3f2730c1aa6aa0815198c225aa162a884
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. techpack/
  21. test/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .cocciconfig
  27. .get_maintainer.ignore
  28. .gitattributes
  29. .gitignore
  30. .mailmap
  31. Androidbp
  32. AndroidKernel.mk
  33. build.config
  34. build.config.aarch64
  35. build.config.boundsan
  36. build.config.common
  37. build.config.common.clang
  38. build.config.cuttlefish.aarch64
  39. build.config.cuttlefish.x86_64
  40. build.config.debug_api
  41. build.config.debug_hang
  42. build.config.debug_locking
  43. build.config.debug_memory
  44. build.config.floral
  45. build.config.floral.common
  46. build.config.floral.common.clang
  47. build.config.floral_debug_api
  48. build.config.floral_debug_hang
  49. build.config.floral_debug_locking
  50. build.config.floral_debug_memory
  51. build.config.floral_debug_memory_accounting
  52. build.config.floral_kasan
  53. build.config.floral_khwasan
  54. build.config.floral_no-cfi
  55. build.config.floral_performance
  56. build.config.gcc
  57. build.config.kasan
  58. build.config.khwasan
  59. build.config.no-cfi
  60. build.config.performance
  61. build.config.sunfish
  62. build.config.sunfish.common
  63. build.config.sunfish.common.clang
  64. build.config.sunfish_debug_api
  65. build.config.sunfish_debug_hang
  66. build.config.sunfish_debug_locking
  67. build.config.sunfish_debug_memory
  68. build.config.sunfish_debug_memory_accounting
  69. build.config.sunfish_kasan
  70. build.config.sunfish_khwasan
  71. build.config.sunfish_no-cfi
  72. build.config.sunfish_performance
  73. build_floral.sh
  74. build_sunfish.sh
  75. COPYING
  76. CREDITS
  77. disable_dbgfs.sh
  78. gen_headers_arm.bp
  79. gen_headers_arm64.bp
  80. Kbuild
  81. Kconfig
  82. kernel_headers.py
  83. MAINTAINERS
  84. Makefile
  85. PREUPLOAD.cfg
  86. README
  87. verity_dev_keys.x509