From b7a182c3183c1e1e2e4ba341475d3d0cb001bcd4 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Thu, 5 Jun 2014 16:08:06 -0700
Subject: [PATCH] update
 queue-3.4/filter-prevent-nla-extensions-to-peek-beyond-the-end-of-the-message.patch

---
 ...xtensions-to-peek-beyond-the-end-of-the-message.patch | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/queue-3.4/filter-prevent-nla-extensions-to-peek-beyond-the-end-of-the-message.patch b/queue-3.4/filter-prevent-nla-extensions-to-peek-beyond-the-end-of-the-message.patch
index 16ea4978fb6..de99af34aea 100644
--- a/queue-3.4/filter-prevent-nla-extensions-to-peek-beyond-the-end-of-the-message.patch
+++ b/queue-3.4/filter-prevent-nla-extensions-to-peek-beyond-the-end-of-the-message.patch
@@ -62,12 +62,19 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 
 --- a/net/core/filter.c
 +++ b/net/core/filter.c
-@@ -338,11 +338,15 @@ load_b:
+@@ -322,6 +322,8 @@ load_b:
  
  			if (skb_is_nonlinear(skb))
  				return 0;
 +			if (skb->len < sizeof(struct nlattr))
 +				return 0;
+ 			if (A > skb->len - sizeof(struct nlattr))
+ 				return 0;
+ 
+@@ -338,11 +340,13 @@ load_b:
+ 
+ 			if (skb_is_nonlinear(skb))
+ 				return 0;
 +			if (skb->len < sizeof(struct nlattr))
 +				return 0;
  			if (A > skb->len - sizeof(struct nlattr))
-- 
2.47.3