netfilter: nf_nat: fix crash in nf_nat_csum

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Fix crash in nf_nat_csum when mangling packets
in OUTPUT hook where skb->dev is not defined, it is set
later before POSTROUTING. Problem happens for CHECKSUM_NONE.
We can check device from rt but using CHECKSUM_PARTIAL
should be safe (skb_checksum_help).

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Julian Anastasov and committed by

Pablo Neira Ayuso 15 years ago d9be76f3 b48e3c5c

+1 -1

1 changed file

expand all

net

ipv4

netfilter

nf_nat_helper.c

+1 -1

net/ipv4/netfilter/nf_nat_helper.c

··· 160 160 161 161 if (skb->ip_summed != CHECKSUM_PARTIAL) { 162 162 if (!(rt->rt_flags & RTCF_LOCAL) && 163 - skb->dev->features & NETIF_F_V4_CSUM) { 163 + (!skb->dev || skb->dev->features & NETIF_F_V4_CSUM)) { 164 164 skb->ip_summed = CHECKSUM_PARTIAL; 165 165 skb->csum_start = skb_headroom(skb) + 166 166 skb_network_offset(skb) +