android_kernel_xiaomi_sm8350/net/ipv4
David Ford bbf31bf18d ipv4: additional update of dev_net(dev) to struct *net in ip_fragment.c, NULL ptr OOPS
ipv4 ip_frag_reasm(), fully replace 'dev_net(dev)' with 'net', defined
previously patched into 2.6.29.

Between 2.6.28.10 and 2.6.29, net/ipv4/ip_fragment.c was patched,
changing from dev_net(dev) to container_of(...).  Unfortunately the goto
section (out_fail) on oversized packets inside ip_frag_reasm() didn't
get touched up as well.  Oversized IP packets cause a NULL pointer
dereference and immediate hang.

I discovered this running openvasd and my previous email on this is
titled:  NULL pointer dereference at 2.6.32-rc8:net/ipv4/ip_fragment.c:566

Signed-off-by: David Ford <david@blue-labs.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-11-29 23:02:22 -08:00
..
netfilter netfilter: nf_nat: fix NAT issue in 2.6.30.4+ 2009-11-06 00:43:42 -08:00
af_inet.c net: Use sk_mark for routing lookup in more places 2009-10-01 15:16:49 -07:00
ah4.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
arp.c net: make neigh_ops constant 2009-09-01 17:40:57 -07:00
cipso_ipv4.c
datagram.c
devinet.c ipv4: arp_notify address list bug 2009-10-07 03:18:17 -07:00
esp4.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
fib_frontend.c net: Fix RPF to work with policy routing 2009-10-29 22:49:12 -07:00
fib_hash.c
fib_lookup.h
fib_rules.c
fib_semantics.c
fib_trie.c fib_trie: resize rework 2009-08-28 23:57:15 -07:00
icmp.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
igmp.c bonding: remap muticast addresses without using dev_close() and dev_open() 2009-09-15 02:37:40 -07:00
inet_connection_sock.c tcp: reduce SYN-ACK retrans for TCP_DEFER_ACCEPT 2009-10-19 19:19:03 -07:00
inet_diag.c
inet_fragment.c
inet_hashtables.c
inet_lro.c
inet_timewait_sock.c tcp: fix premature termination of FIN_WAIT2 time-wait sockets 2009-08-29 00:00:35 -07:00
inetpeer.c
ip_forward.c
ip_fragment.c ipv4: additional update of dev_net(dev) to struct *net in ip_fragment.c, NULL ptr OOPS 2009-11-29 23:02:22 -08:00
ip_gre.c gre: Fix dev_addr clobbering for gretap 2009-10-30 12:28:07 -07:00
ip_input.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
ip_options.c
ip_output.c net: Use sk_mark for routing lookup in more places 2009-10-01 15:16:49 -07:00
ip_sockglue.c net: Fix IP_MULTICAST_IF 2009-10-19 21:34:20 -07:00
ipcomp.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
ipconfig.c
ipip.c ipip: Fix handling of DF packets when pmtudisc is OFF 2009-11-06 20:33:40 -08:00
ipmr.c ipmr: missing dev_put() on error path in vif_add() 2009-11-13 19:56:54 -08:00
Kconfig
Makefile
netfilter.c
proc.c
protocol.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
raw.c AF_RAW: Augment raw_send_hdrinc to expand skb to fit iphdr->ihl (v2) 2009-10-29 01:09:58 -07:00
route.c net: Fix RPF to work with policy routing 2009-10-29 22:49:12 -07:00
syncookies.c
sysctl_net_ipv4.c sysctl: remove "struct file *" argument of ->proc_handler 2009-09-24 07:21:04 -07:00
tcp_bic.c
tcp_cong.c
tcp_cubic.c
tcp_diag.c
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_illinois.c
tcp_input.c tcp: fix ssthresh u16 leftover 2009-09-15 01:30:10 -07:00
tcp_ipv4.c tcp: fix ssthresh u16 leftover 2009-09-15 01:30:10 -07:00
tcp_lp.c
tcp_minisocks.c tcp: accept socket after TCP_DEFER_ACCEPT period 2009-10-19 19:19:01 -07:00
tcp_output.c IPv4 TCP fails to send window scale option when window scale is zero 2009-10-01 15:14:51 -07:00
tcp_probe.c
tcp_scalable.c
tcp_timer.c Revert Backoff [v3]: Calculate TCP's connection close threshold as a time value. 2009-09-01 02:45:47 -07:00
tcp_vegas.c
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c
tcp.c tcp: provide more information on the tcp receive_queue bugs 2009-11-13 13:56:33 -08:00
tunnel4.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
udp_impl.h net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
udp.c net: fix sk_forward_alloc corruption 2009-10-30 12:25:12 -07:00
udplite.c net: constify struct net_protocol 2009-09-14 17:03:01 -07:00
xfrm4_input.c
xfrm4_mode_beet.c
xfrm4_mode_transport.c
xfrm4_mode_tunnel.c
xfrm4_output.c
xfrm4_policy.c
xfrm4_state.c
xfrm4_tunnel.c