提交 06c7af56 编写于 作者: K Konstantin Sharlaimov 提交者: David S. Miller

[PPP]: Fix output buffer size in ppp_decompress_frame().

This patch addresses the issue with "osize too small" errors in mppe
encryption.  The patch fixes the issue with wrong output buffer size
being passed to ppp decompression routine.

--------------------
As pointed out by Suresh Mahalingam, the issue addressed by
ppp-fix-osize-too-small-errors-when-decoding patch is not fully resolved yet.
The size of allocated output buffer is correct, however it size passed to
ppp->rcomp->decompress in ppp_generic.c if wrong. The patch fixes that.
--------------------
Signed-off-by: NKonstantin Sharlaimov <konstantin.sharlaimov@gmail.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 2c20d72a
...@@ -1726,7 +1726,7 @@ ppp_decompress_frame(struct ppp *ppp, struct sk_buff *skb) ...@@ -1726,7 +1726,7 @@ ppp_decompress_frame(struct ppp *ppp, struct sk_buff *skb)
} }
/* the decompressor still expects the A/C bytes in the hdr */ /* the decompressor still expects the A/C bytes in the hdr */
len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2, len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2,
skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN); skb->len + 2, ns->data, obuff_size);
if (len < 0) { if (len < 0) {
/* Pass the compressed frame to pppd as an /* Pass the compressed frame to pppd as an
error indication. */ error indication. */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册