|
|
@@ -275,7 +275,7 @@ int ip_options_compile(struct net *net,
|
|
|
|
|
|
for (l = opt->optlen; l > 0; ) {
|
|
|
switch (*optptr) {
|
|
|
- case IPOPT_END:
|
|
|
+ case IPOPT_END:
|
|
|
for (optptr++, l--; l > 0; optptr++, l--) {
|
|
|
if (*optptr != IPOPT_END) {
|
|
|
*optptr = IPOPT_END;
|
|
|
@@ -283,7 +283,7 @@ int ip_options_compile(struct net *net,
|
|
|
}
|
|
|
}
|
|
|
goto eol;
|
|
|
- case IPOPT_NOOP:
|
|
|
+ case IPOPT_NOOP:
|
|
|
l--;
|
|
|
optptr++;
|
|
|
continue;
|
|
|
@@ -294,8 +294,8 @@ int ip_options_compile(struct net *net,
|
|
|
goto error;
|
|
|
}
|
|
|
switch (*optptr) {
|
|
|
- case IPOPT_SSRR:
|
|
|
- case IPOPT_LSRR:
|
|
|
+ case IPOPT_SSRR:
|
|
|
+ case IPOPT_LSRR:
|
|
|
if (optlen < 3) {
|
|
|
pp_ptr = optptr + 1;
|
|
|
goto error;
|
|
|
@@ -321,7 +321,7 @@ int ip_options_compile(struct net *net,
|
|
|
opt->is_strictroute = (optptr[0] == IPOPT_SSRR);
|
|
|
opt->srr = optptr - iph;
|
|
|
break;
|
|
|
- case IPOPT_RR:
|
|
|
+ case IPOPT_RR:
|
|
|
if (opt->rr) {
|
|
|
pp_ptr = optptr;
|
|
|
goto error;
|
|
|
@@ -349,7 +349,7 @@ int ip_options_compile(struct net *net,
|
|
|
}
|
|
|
opt->rr = optptr - iph;
|
|
|
break;
|
|
|
- case IPOPT_TIMESTAMP:
|
|
|
+ case IPOPT_TIMESTAMP:
|
|
|
if (opt->ts) {
|
|
|
pp_ptr = optptr;
|
|
|
goto error;
|
|
|
@@ -369,13 +369,13 @@ int ip_options_compile(struct net *net,
|
|
|
goto error;
|
|
|
}
|
|
|
switch (optptr[3]&0xF) {
|
|
|
- case IPOPT_TS_TSONLY:
|
|
|
+ case IPOPT_TS_TSONLY:
|
|
|
if (skb)
|
|
|
timeptr = &optptr[optptr[2]-1];
|
|
|
opt->ts_needtime = 1;
|
|
|
optptr[2] += 4;
|
|
|
break;
|
|
|
- case IPOPT_TS_TSANDADDR:
|
|
|
+ case IPOPT_TS_TSANDADDR:
|
|
|
if (optptr[2]+7 > optptr[1]) {
|
|
|
pp_ptr = optptr + 2;
|
|
|
goto error;
|
|
|
@@ -389,7 +389,7 @@ int ip_options_compile(struct net *net,
|
|
|
opt->ts_needtime = 1;
|
|
|
optptr[2] += 8;
|
|
|
break;
|
|
|
- case IPOPT_TS_PRESPEC:
|
|
|
+ case IPOPT_TS_PRESPEC:
|
|
|
if (optptr[2]+7 > optptr[1]) {
|
|
|
pp_ptr = optptr + 2;
|
|
|
goto error;
|
|
|
@@ -405,7 +405,7 @@ int ip_options_compile(struct net *net,
|
|
|
opt->ts_needtime = 1;
|
|
|
optptr[2] += 8;
|
|
|
break;
|
|
|
- default:
|
|
|
+ default:
|
|
|
if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) {
|
|
|
pp_ptr = optptr + 3;
|
|
|
goto error;
|
|
|
@@ -433,7 +433,7 @@ int ip_options_compile(struct net *net,
|
|
|
}
|
|
|
opt->ts = optptr - iph;
|
|
|
break;
|
|
|
- case IPOPT_RA:
|
|
|
+ case IPOPT_RA:
|
|
|
if (optlen < 4) {
|
|
|
pp_ptr = optptr + 1;
|
|
|
goto error;
|
|
|
@@ -441,7 +441,7 @@ int ip_options_compile(struct net *net,
|
|
|
if (optptr[2] == 0 && optptr[3] == 0)
|
|
|
opt->router_alert = optptr - iph;
|
|
|
break;
|
|
|
- case IPOPT_CIPSO:
|
|
|
+ case IPOPT_CIPSO:
|
|
|
if ((!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) || opt->cipso) {
|
|
|
pp_ptr = optptr;
|
|
|
goto error;
|
|
|
@@ -452,9 +452,9 @@ int ip_options_compile(struct net *net,
|
|
|
goto error;
|
|
|
}
|
|
|
break;
|
|
|
- case IPOPT_SEC:
|
|
|
- case IPOPT_SID:
|
|
|
- default:
|
|
|
+ case IPOPT_SEC:
|
|
|
+ case IPOPT_SID:
|
|
|
+ default:
|
|
|
if (!skb && !ns_capable(net->user_ns, CAP_NET_RAW)) {
|
|
|
pp_ptr = optptr;
|
|
|
goto error;
|
Weilong Chen