SYSRQ: ignore non-UDP packets

diff --git a/doc/changelog.txt b/doc/changelog.txt
index 51de32daf7c8751f782cebb885f7a67fd5003f9e..2839deea9e9e08cd080d3d4e08002e5b1cfd1aca 100644 (file)
--- a/doc/changelog.txt
+++ b/doc/changelog.txt
@@ -2,6 +2,7 @@
 
 - fuzzy: need to account for kernel-level modified variables in .userspacesize
 - geoip: remove XT_ALIGN from .userspacesize when used with offsetof
+- SYSRQ: ignore non-UDP packets
 - add "STEAL" target
 - dhcpmac: rename from dhcpaddr
 

diff --git a/extensions/xt_SYSRQ.c b/extensions/xt_SYSRQ.c
index 4297db548432d306f8a52f4d775cfa37b36839ee..dc310ee4be1f688307417093691d5f5abbdd6092 100644 (file)
--- a/extensions/xt_SYSRQ.c
+++ b/extensions/xt_SYSRQ.c
@@ -199,7 +199,10 @@ sysrq_tg4(struct sk_buff **pskb, const struct xt_target_param *par)
        if (skb_linearize(skb) < 0)
                return NF_DROP;
 
-       iph  = ip_hdr(skb);
+       iph = ip_hdr(skb);
+       if (iph->protocol != IPPROTO_UDP)
+               return NF_ACCEPT; /* sink it */
+
        udph = (void *)iph + ip_hdrlen(skb);
        len  = ntohs(udph->len) - sizeof(struct udphdr);
 
@@ -217,12 +220,18 @@ sysrq_tg6(struct sk_buff **pskb, const struct xt_target_param *par)
        struct sk_buff *skb = *pskb;
        const struct ipv6hdr *iph;
        const struct udphdr *udph;
+       unsigned short frag_off;
+       unsigned int th_off;
        uint16_t len;
 
        if (skb_linearize(skb) < 0)
                return NF_DROP;
 
-       iph  = ipv6_hdr(skb);
+       iph = ipv6_hdr(skb);
+       if (ipv6_find_hdr(skb, &th_off, IPPROTO_UDP, &frag_off) < 0 ||
+           frag_off > 0)
+               return NF_ACCEPT; /* sink it */
+
        udph = udp_hdr(skb);
        len  = ntohs(udph->len) - sizeof(struct udphdr);