On (01/19/17 13:47), Sowmini Varadhan wrote:
> > Specifically I'm talking about the dev_validate_header() check.
> > That is supposed to protect us from these kinds of situations.
>
> ah, but I run my pf_packet application as root, so I have
> capable(CAP_SYS_RAWIO), so I slip through the dev_validate_header()
> check.

and in that light, should dev_validate_header() always return false
if len == 0? that will take care of all the send paths in af_packet.c
but it impacts all drivers as well (even though it is the logically
correct thing to do..)

--Sowmini
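
Added example, not part of the original message and not kernel source: a simplified userspace model of the check discussed above, next to the `len == 0` rejection the message proposes. The struct, function names and the `has_rawio` flag (standing in for `capable(CAP_SYS_RAWIO)`) are assumptions made for illustration, and the header lengths are constructed sample values.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a device; only the expected header length matters. */
struct model_dev {
    int hard_header_len;
};

/* Behaviour the thread describes: a too-short header is still accepted
 * when the sender holds CAP_SYS_RAWIO; the missing bytes are zero-filled. */
static bool validate_current(const struct model_dev *dev, char *ll_header,
                             int len, bool has_rawio)
{
    if (len >= dev->hard_header_len)
        return true;
    if (has_rawio) {
        memset(ll_header + len, 0, (size_t)(dev->hard_header_len - len));
        return true;
    }
    return false;
}

/* Variant proposed in the message: refuse len == 0 before anything else. */
static bool validate_proposed(const struct model_dev *dev, char *ll_header,
                              int len, bool has_rawio)
{
    if (len == 0)
        return false;
    return validate_current(dev, ll_header, len, has_rawio);
}

/* Run one case against a fresh buffer; hard_header_len must be <= 32. */
static bool run_case(bool proposed, int hard_header_len, int len, bool has_rawio)
{
    struct model_dev dev = { .hard_header_len = hard_header_len };
    char hdr[32];
    memset(hdr, 0xAA, sizeof hdr);
    return proposed ? validate_proposed(&dev, hdr, len, has_rawio)
                    : validate_current(&dev, hdr, len, has_rawio);
}

int main(void)
{
    /* 14 = Ethernet-sized header, 0 = a device with no link-layer header. */
    printf("hlen=14 len=0 rawio  current=%d proposed=%d\n",
           run_case(false, 14, 0, true), run_case(true, 14, 0, true));
    printf("hlen=0  len=0 norawio current=%d proposed=%d\n",
           run_case(false, 0, 0, false), run_case(true, 0, 0, false));
    return 0;
}
```

The second case is the driver impact the message mentions: a device whose expected header length is zero passes today with `len == 0` but would be refused by the proposed check.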