Don't try to extract UDP/TCP port numbers from IP fragments.

[openvswitch] / datapath / flow.c

diff --git a/datapath/flow.c b/datapath/flow.c
index e3e1eb92a5460b53c427384d592229e25cc5723c..d4c4802138f76602d15ada6bb2c69fa3b61b5e75 100644 (file)
--- a/datapath/flow.c
+++ b/datapath/flow.c
@@ -17,6 +17,7 @@
 #include <linux/udp.h>
 #include <linux/in.h>
 #include <linux/rcupdate.h>
+#include <net/ip.h>
 
 #include "openflow.h"
 #include "compat.h"
@@ -251,7 +252,8 @@ void flow_extract(struct sk_buff *skb, uint16_t in_port,
 
                /* Transport layer. */
                if ((key->nw_proto != IPPROTO_TCP && key->nw_proto != IPPROTO_UDP)
-                               || skb->len < th_ofs + sizeof(struct udphdr)) {
+                   || skb->len < th_ofs + sizeof(struct udphdr)
+                   || nh->frag_off & htons(IP_MF | IP_OFFSET)) {
                        goto no_th;
                }
                th = udp_hdr(skb);