summaryrefslogtreecommitdiffstats
path: root/net/ipv6/xfrm6_policy.c
diff options
context:
space:
mode:
authorSteffen Klassert <steffen.klassert@secunet.com>2014-12-04 09:46:20 +0100
committerSteffen Klassert <steffen.klassert@secunet.com>2014-12-08 07:38:14 +0100
commitde3b7a06dfe15bda3e66a52285d422b954bb4832 (patch)
tree9cf16ff37aaf5f29642b09650fe535f170a7a0bc /net/ipv6/xfrm6_policy.c
parentopenvswitch: Fix flow mask validation. (diff)
downloadlinux-de3b7a06dfe15bda3e66a52285d422b954bb4832.tar.xz
linux-de3b7a06dfe15bda3e66a52285d422b954bb4832.zip
xfrm6: Fix transport header offset in _decode_session6.
skb->transport_header might not be valid when we do a reverse decode because the ipv6 tunnel error handlers don't update it to the inner transport header. This leads to a wrong offset calculation and to wrong layer 4 informations. We fix this by using the size of the ipv6 header as the first offset. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/ipv6/xfrm6_policy.c')
-rw-r--r--net/ipv6/xfrm6_policy.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 5f983644373a..aa48302f00a1 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -130,8 +130,8 @@ _decode_session6(struct sk_buff *skb, struct flowi *fl, int reverse)
{
struct flowi6 *fl6 = &fl->u.ip6;
int onlyproto = 0;
- u16 offset = skb_network_header_len(skb);
const struct ipv6hdr *hdr = ipv6_hdr(skb);
+ u16 offset = sizeof(*hdr);
struct ipv6_opt_hdr *exthdr;
const unsigned char *nh = skb_network_header(skb);
u8 nexthdr = nh[IP6CB(skb)->nhoff];