[PPP]: Fix output buffer size in ppp_decompress_frame().

This patch addresses the issue with "osize too small" errors in mppe encryption. The patch fixes the issue with wrong output buffer size being passed to ppp decompression routine. -------------------- As pointed out by Suresh Mahalingam, the issue addressed by ppp-fix-osize-too-small-errors-when-decoding patch is not fully resolved yet. The size of allocated output buffer is correct, however it size passed to ppp->rcomp->decompress in ppp_generic.c if wrong. The patch fixes that. -------------------- Signed-off-by: N Konstantin Sharlaimov <konstantin.sharlaimov@gmail.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

[PPP]: Fix output buffer size in ppp_decompress_frame().
This patch addresses the issue with "osize too small" errors in mppe encryption. The patch fixes the issue with wrong output buffer size being passed to ppp decompression routine. -------------------- As pointed out by Suresh Mahalingam, the issue addressed by ppp-fix-osize-too-small-errors-when-decoding patch is not fully resolved yet. The size of allocated output buffer is correct, however it size passed to ppp->rcomp->decompress in ppp_generic.c if wrong. The patch fixes that. -------------------- Signed-off-by: N Konstantin Sharlaimov <konstantin.sharlaimov@gmail.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
06c7af56 · Konstantin Sharlaimov · David S. Miller · 2c20d72a · 06c7af56
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

drivers/net/ppp_generic.c drivers/net/ppp_generic.c +1 -1

未找到文件。
--- a/drivers/net/ppp_generic.c
+++ b/drivers/net/ppp_generic.c
@@ -1726,7 +1726,7 @@ ppp_decompress_frame(struct ppp *ppp, struct sk_buff *skb)
 		}
 		/* the decompressor still expects the A/C bytes in the hdr */
 		len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2,
-				skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN);
+				skb->len + 2, ns->data, obuff_size);
 		if (len < 0) {
 			/* Pass the compressed frame to pppd as an
 			   error indication. */