From: David Howells Date: Tue, 29 Sep 2020 20:48:50 +0000 (+0100) Subject: rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=ceff522db2cc2915d50ca7f019df1cc8b19c871c;p=linux.git rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet In the rxkad security class, don't use pskb_pull() to advance through the contents of the response packet. There's no point, especially as the next and last access to the skbuff still has to allow for the wire header in the offset (which we didn't advance over). Better to just add the displacement to the next offset. Signed-off-by: David Howells --- diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c index f3182edfcbaec..e5b4bbdd0f34d 100644 --- a/net/rxrpc/rxkad.c +++ b/net/rxrpc/rxkad.c @@ -1162,8 +1162,6 @@ static int rxkad_verify_response(struct rxrpc_connection *conn, if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header), response, sizeof(*response)) < 0) goto protocol_error; - if (!pskb_pull(skb, sizeof(*response))) - BUG(); version = ntohl(response->version); ticket_len = ntohl(response->ticket_len); @@ -1194,7 +1192,7 @@ static int rxkad_verify_response(struct rxrpc_connection *conn, eproto = tracepoint_string("rxkad_tkt_short"); abort_code = RXKADPACKETSHORT; - if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header), + if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header) + sizeof(*response), ticket, ticket_len) < 0) goto protocol_error_free;