> On Dec 17, 2018, at 9:50 AM, Richardson, Bruce <[email protected]> > wrote: > > The checksum calculation APIs take only the packet headers pointers as > parameters, so they assume that the lengths reported in those headers are > correct. However, a malicious packet could claim to be far larger than it > is, so we need to check the header lengths in the driver before calling > the checksum API. > > A better fix would be to allow the lengths to be passed into the API > function, but that would be an API break, so fixing in TAP driver for > now. > > CC: [email protected] > Fixes: 8ae3023387e9 ("net/tap: add Rx/Tx checksum offload support") > > Signed-off-by: Bruce Richardson <[email protected]> > —
Acked-by: Keith Wiles <[email protected]> Regards, Keith
