> On Dec 17, 2018, at 9:50 AM, Richardson, Bruce <bruce.richard...@intel.com>
> wrote:
>
> The checksum calculation APIs take only the packet headers pointers as
> parameters, so they assume that the lengths reported in those headers are
> correct. However, a malicious packet could claim to be far larger than it
> is, so we need to check the header lengths in the driver before calling
> the checksum API.
>
> A better fix would be to allow the lengths to be passed into the API
> function, but that would be an API break, so fixing in TAP driver for
> now.
>
> CC: sta...@dpdk.org
> Fixes: 8ae3023387e9 ("net/tap: add Rx/Tx checksum offload support")
>
> Signed-off-by: Bruce Richardson <bruce.richard...@intel.com>
> —
Acked-by: Keith Wiles <keith.wi...@intel.com>
Regards,
Keith
