[ale] teardrop patch?

Michael H. Warfield mhw at wittsend.com
Fri Nov 14 23:33:16 EST 1997


Dave Brooks enscribed thusly:
> ALE-

> I'm sure you've all seen the (As im sure by now) "teardrop"
> ip_fragmentation bug.  Is there a patch for this as of now besides kernel
> 2.0.32?

	It's a one line patch.  Get the patch-2.1.63.gz file from
ftp.kernel.org, uncompress it, and search for the changes to ip_fragment.c.
That change can be applied to just about any version kernel...

	Oh heck...  Here it is...

+++ linux/net/ipv4/ip_fragment.c        Thu Nov  6 15:02:38 1997
@@ -14,6 +14,7 @@
  *             Alan Cox        :       Split from ip.c , see ip_input.c for history.
  *             David S. Miller :       Begin massive cleanup...
  *             Andi Kleen      :       Add sysctls.
+ *             xxxx            :       Overlapfrag bug.
  */

 #include <linux/types.h>
@@ -339,7 +340,7 @@
        /* Copy the data portions of all fragments into the new buffer. */
        fp = qp->fragments;
        while(fp) {
-               if(count+fp->len > skb->len) {
+               if (fp->len < 0 || count+fp->len > skb->len) {
                        NETDEBUG(printk(KERN_ERR "Invalid fragment list: "
                                        "Fragment over size.\n"));
                        ip_free(qp);

> thanks,
> dave.

> --------------------------------
> Dave Brooks         
> spork at chefmike.com 
> http://spork.777.net

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!






More information about the Ale mailing list