From: Taehee Yoo <ap420073@gmail.com>
Date: Fri, 1 Jun 2018 10:12:28 +0000 (+0900)
Subject: netfilter: nft_reject_bridge: fix skb allocation size in nft_reject_br_send_v6_unreach
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=0cafa3926f0d8d72a2a814843f4db8cfef66d4ce;p=linux.git

netfilter: nft_reject_bridge: fix skb allocation size in nft_reject_br_send_v6_unreach

In order to allocate icmpv6 skb, sizeof(struct ipv6hdr) should be used.

Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/net/bridge/netfilter/nft_reject_bridge.c b/net/bridge/netfilter/nft_reject_bridge.c
index eaf05de37f75c..6de9812705669 100644
--- a/net/bridge/netfilter/nft_reject_bridge.c
+++ b/net/bridge/netfilter/nft_reject_bridge.c
@@ -261,7 +261,7 @@ static void nft_reject_br_send_v6_unreach(struct net *net,
 	if (!reject6_br_csum_ok(oldskb, hook))
 		return;
 
-	nskb = alloc_skb(sizeof(struct iphdr) + sizeof(struct icmp6hdr) +
+	nskb = alloc_skb(sizeof(struct ipv6hdr) + sizeof(struct icmp6hdr) +
 			 LL_MAX_HEADER + len, GFP_ATOMIC);
 	if (!nskb)
 		return;