Re: [PATCH ipsec-next] xfrm: don't pull esp/auth header in xfrm_parse_spi

2017-11-06 Thread Steffen Klassert
On Thu, Nov 02, 2017 at 01:54:10PM +0100, Florian Westphal wrote:
> syzbot reported an issue where pointer to ip header content was not
> reloaded after xfrm_parse_spi().
>
> It's not intuitive that this function changes skb->head, so switch to
> skb_pointer_header.

I have to admit that this is no

[PATCH ipsec-next] xfrm: don't pull esp/auth header in xfrm_parse_spi

2017-11-02 Thread Florian Westphal
syzbot reported an issue where pointer to ip header content was not reloaded after xfrm_parse_spi().

It's not intuitive that this function changes skb->head, so switch to skb_pointer_header.

Reported-by: syzbot
Signed-off-by: Florian Westphal
---
syzkaller reproducer did not spew a warning even