Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/arch/arm/imx * avoid writing past the end of the mbuf.
details: https://anonhg.NetBSD.org/src/rev/06c1670dd97f
branches: trunk
changeset: 359576:06c1670dd97f
user: ryo <ryo%NetBSD.org@localhost>
date: Fri Feb 16 08:42:45 2018 +0000
description:
* avoid writing past the end of the mbuf.
* m_getptr was introduced for the IPsec Crypto code. it must not be used here.
pointed out by maxv@. thanks.
diffstat:
sys/arch/arm/imx/if_enet.c | 18 +++++++++---------
1 files changed, 9 insertions(+), 9 deletions(-)
diffs (47 lines):
diff -r 0ae1ff6de7cd -r 06c1670dd97f sys/arch/arm/imx/if_enet.c
--- a/sys/arch/arm/imx/if_enet.c Fri Feb 16 07:59:05 2018 +0000
+++ b/sys/arch/arm/imx/if_enet.c Fri Feb 16 08:42:45 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_enet.c,v 1.11 2017/06/09 18:14:59 ryo Exp $ */
+/* $NetBSD: if_enet.c,v 1.12 2018/02/16 08:42:45 ryo Exp $ */
/*
* Copyright (c) 2014 Ryo Shimizu <ryo%nerv.org@localhost>
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_enet.c,v 1.11 2017/06/09 18:14:59 ryo Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_enet.c,v 1.12 2018/02/16 08:42:45 ryo Exp $");
#include "vlan.h"
@@ -1689,8 +1689,7 @@
/* fill protocol cksum zero beforehand */
if (csumflags & (M_CSUM_UDPv4 | M_CSUM_TCPv4 |
M_CSUM_UDPv6 | M_CSUM_TCPv6)) {
- struct mbuf *m1;
- int ehlen, moff;
+ int ehlen;
uint16_t etype;
m_copydata(m, ETHER_ADDR_LEN * 2, sizeof(etype), &etype);
@@ -1708,12 +1707,13 @@
}
if (ehlen) {
- m1 = m_getptr(m, ehlen +
+ const int off =
M_CSUM_DATA_IPv4_IPHL(m->m_pkthdr.csum_data) +
- M_CSUM_DATA_IPv4_OFFSET(m->m_pkthdr.csum_data),
- &moff);
- if (m1 != NULL)
- *(uint16_t *)(mtod(m1, char *) + moff) = 0;
+ M_CSUM_DATA_IPv4_OFFSET(m->m_pkthdr.csum_data);
+ if (m->m_pkthdr.len >= ehlen + off + sizeof(uint16_t)) {
+ uint16_t zero = 0;
+ m_copyback(m, ehlen + off, sizeof(zero), &zero);
+ }
}
}
Home |
Main Index |
Thread Index |
Old Index