diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-05-05 23:30:49 +0300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-05-06 00:45:48 +0300 |
commit | 198ad973839ca4686f3575155ba9ff178289905f (patch) | |
tree | 84be795e49b224992fb1ccee0b4d679b364fb919 /net/netfilter/nf_conntrack_pptp.c | |
parent | 5e024c325406470d1165a09c6feaf8ec897936be (diff) | |
download | linux-198ad973839ca4686f3575155ba9ff178289905f.tar.xz |
netfilter: remove BUG_ON() after skb_header_pointer()
Several conntrack helpers and the TCP tracker assume that
skb_header_pointer() never fails based on upfront header validation.
Even if this should not ever happen, BUG_ON() is a too drastic measure,
remove them.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nf_conntrack_pptp.c')
-rw-r--r-- | net/netfilter/nf_conntrack_pptp.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/netfilter/nf_conntrack_pptp.c b/net/netfilter/nf_conntrack_pptp.c index 5105d4250012..7d5708b92138 100644 --- a/net/netfilter/nf_conntrack_pptp.c +++ b/net/netfilter/nf_conntrack_pptp.c @@ -544,7 +544,9 @@ conntrack_pptp_help(struct sk_buff *skb, unsigned int protoff, nexthdr_off = protoff; tcph = skb_header_pointer(skb, nexthdr_off, sizeof(_tcph), &_tcph); - BUG_ON(!tcph); + if (!tcph) + return NF_ACCEPT; + nexthdr_off += tcph->doff * 4; datalen = tcplen - tcph->doff * 4; |