From: Ben Pfaff Date: Tue, 11 Nov 2008 21:33:24 +0000 (-0800) Subject: In handle_arp_snat() and snat_pre_route() pull enough payload into the headers. X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=288d2171a6be20c5cf70f35bb3def94c81e4af9c;p=openvswitch In handle_arp_snat() and snat_pre_route() pull enough payload into the headers. There is no guarantee that the device put any data at all into the header. The e1000 device, for example, appears to not put any data into the header when the packet is longer than its configured copybreak value, which is 256 bytes by default. So we need to do it ourselves. --- diff --git a/datapath/nx_act_snat.c b/datapath/nx_act_snat.c index 63342857..8bf2ed71 100644 --- a/datapath/nx_act_snat.c +++ b/datapath/nx_act_snat.c @@ -205,6 +205,9 @@ handle_arp_snat(struct sk_buff *skb) struct net_bridge_port *p = skb->dev->br_port; struct ip_arphdr *ah = (struct ip_arphdr *)arp_hdr(skb); + if (!pskb_may_pull(skb, sizeof *ah)) + return 0; + if ((ah->ar_op != htons(ARPOP_REQUEST)) || ah->ar_hln != ETH_ALEN || ah->ar_pro != htons(ETH_P_IP) @@ -305,6 +308,9 @@ snat_pre_route(struct sk_buff *skb) else if (skb->protocol != htons(ETH_P_IP)) return 0; + if (!pskb_may_pull(skb, sizeof *iph)) + goto ipv4_error; + iph = ip_hdr(skb); if (iph->ihl < 5 || iph->version != 4) goto ipv4_error;