Displaying 1 result from an estimated 1 matches for "tcpolen_sack_perblock".
2003 Aug 02
1
[SECURITY] Netfilter Security Advisory: NAT Remote DOS (SACK mangle)
...opsize > length) /* no partial opts */
- return !sack_adjusted;
+ opsize =3D ptr[1];
+ /* no partial opts */
+ if (ptr + opsize > optend || opsize < 2)
+ return;
if (opcode =3D=3D TCPOPT_SACK) {
/* found SACK */
if((opsize >=3D (TCPOLEN_SACK_BASE
+TCPOLEN_SACK_PERBLOCK)) &&
!((opsize - TCPOLEN_SACK_BASE)
% TCPOLEN_SACK_PERBLOCK))
- sack_adjust(tcph, ptr-2,
+ sack_adjust(tcph, ptr,
&ct->nat.info.seq[!dir]);
- =09
- sack_adjusted =3D 1;
}
- ptr +=3D opsize-2;
- length -=3D opsize;
+ ptr +=3D opsize;...