patch-2.0.36 linux/net/ipv4/ip_input.c


diff -u --recursive --new-file v2.0.35/linux/net/ipv4/ip_input.c linux/net/ipv4/ip_input.c
@@ -251,14 +251,6 @@
 
 	ip_statistics.IpInReceives++;
 
-	/*
-	 *	Account for the packet (even if the packet is
-	 *	not accepted by the firewall!).
-	 */
-
-#ifdef CONFIG_IP_ACCT
-	ip_fw_chk(iph,dev,NULL,ip_acct_chain,0,IP_FW_MODE_ACCT_IN);
-#endif	
 
 	/*
 	 *	Tag the ip header of this packet so we can find it
@@ -294,6 +286,24 @@
 	 */
 
 	skb_trim(skb,ntohs(iph->tot_len));
+	
+	if(skb->len < (iph->ihl<<2))
+	{
+		ip_statistics.IpInHdrErrors++;
+		kfree_skb(skb, FREE_WRITE);
+		return 0;
+	}
+
+	/*
+	 *	Account for the packet (even if the packet is
+	 *	not accepted by the firewall!). We do this after
+	 *	the sanity checks and the additional ihl check
+	 *	so we dont account garbage as we might do before.
+	 */
+
+#ifdef CONFIG_IP_ACCT
+	ip_fw_chk(iph,dev,NULL,ip_acct_chain,0,IP_FW_MODE_ACCT_IN);
+#endif	
 
 	/*
 	 *	Try to select closest <src,dst> alias device, if any.
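Review bot: The added `if(skb->len < (iph->ihl<<2))` test after `skb_trim()` has no comment saying which malformed packet it rejects; the only mention is the passing "additional ihl check" in the accounting comment below it. From the visible lines it drops a datagram whose `tot_len` is smaller than its own header length, since after the trim the buffer would no longer hold the whole header that the accounting call and later code are handed through `iph`. I would add above the `if`: `/* tot_len smaller than ihl*4: the trim has cut into the IP header itself, so drop the packet before anything parses options or accounts it */`. The enclosing function starts and ends outside the hunk, so whether earlier sanity checks already bound `ihl` from below cannot be confirmed from here.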
