Hi All,
I am concerned about the applicability of FragmentSmack in NetBSD. I observed that ip_input.c has been split with respect to fragment reassembly (ip_reass.c), the features remaining the same.
In the description of the said CVEs we do not have specifics of the packets (fragments) that may cause consumption of memory or CPU. I see that we have an upper limit on the maximum number of fragments in the reassembly queue and that the tiny fragment attack is handled.
But I am not sure if overlapping fragments can cause some CPU consumption - because we traverse the queue to find the correct offset where the incoming fragment should be placed.
In Linux they "fixed" it by dropping the whole datagram if an overlapping fragment is seen.
I am no expert in reading this code - please guide.
--
Regards
Ripunjay Tripathi
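
The policy mentioned in the message above (a sorted per-datagram fragment queue that discards the whole datagram as soon as an overlapping fragment arrives) can be sketched as follows. This is an added example, not part of the original post and not code from NetBSD's ip_reass.c or from Linux; the names `frag`, `fragq`, `fragq_insert`, `fragq_drop` and the `MAX_FRAGS` value are hypothetical, and the fragment offsets in `main` are constructed.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical names for illustration; not NetBSD or Linux kernel code. */
#define MAX_FRAGS 16                    /* assumed per-datagram fragment cap */

struct frag  { unsigned off, len; struct frag *next; };
struct fragq { struct frag *head; unsigned nfrags; int dropped; };

/* Free every queued fragment and mark the datagram as discarded. */
static void fragq_drop(struct fragq *q)
{
    struct frag *f = q->head, *n;
    for (; f != NULL; f = n) { n = f->next; free(f); }
    q->head = NULL; q->nfrags = 0; q->dropped = 1;
}

/* Queue a fragment by byte offset. Returns 0 if queued, -1 if the whole
 * datagram was dropped. off/len are 16-bit IP quantities, so off + len
 * cannot wrap an unsigned int. */
int fragq_insert(struct fragq *q, unsigned off, unsigned len)
{
    struct frag **pp = &q->head, *prev = NULL, *f;
    if (q->dropped) return -1;          /* late fragment of a dropped datagram */
    if (len == 0 || q->nfrags >= MAX_FRAGS) { fragq_drop(q); return -1; }

    /* Sorted walk: at most MAX_FRAGS steps, so per-packet cost is bounded. */
    while (*pp != NULL && (*pp)->off < off) { prev = *pp; pp = &(*pp)->next; }

    /* Overlap with the predecessor's tail or the successor's head (an exact
     * duplicate counts too in this sketch): drop instead of trimming. */
    if ((prev != NULL && prev->off + prev->len > off) ||
        (*pp != NULL && off + len > (*pp)->off)) { fragq_drop(q); return -1; }

    if ((f = malloc(sizeof *f)) == NULL) { fragq_drop(q); return -1; }
    f->off = off; f->len = len; f->next = *pp;
    *pp = f; q->nfrags++;
    return 0;
}

int main(void)
{
    /* Constructed input: three out-of-order fragments, then an overlap. */
    unsigned in[][2] = { {0, 8}, {16, 8}, {8, 8}, {20, 8} };
    struct fragq q = { NULL, 0, 0 };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++)
        printf("off=%u len=%u -> %d\n", in[i][0], in[i][1],
               fragq_insert(&q, in[i][0], in[i][1]));
    return 0;
}
```

With the fragment cap and drop-on-overlap together, each arriving fragment costs at most `MAX_FRAGS` list steps and no trimming or copying work.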