Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/net/npf Retrieve the complete IPv4 header right away, an...



details:   https://anonhg.NetBSD.org/src/rev/014fbd8c34f4
branches:  trunk
changeset: 360663:014fbd8c34f4
user:      maxv <maxv%NetBSD.org@localhost>
date:      Thu Mar 22 09:04:25 2018 +0000

description:
Retrieve the complete IPv4 header right away, and make sure we did retrieve
the IPv6 option header we were iterating on.

diffstat:

 sys/net/npf/npf_inet.c |  15 ++++++++++++---
 1 files changed, 12 insertions(+), 3 deletions(-)

diffs (46 lines):

diff -r b4507b26651d -r 014fbd8c34f4 sys/net/npf/npf_inet.c
--- a/sys/net/npf/npf_inet.c    Thu Mar 22 08:58:56 2018 +0000
+++ b/sys/net/npf/npf_inet.c    Thu Mar 22 09:04:25 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: npf_inet.c,v 1.45 2018/03/22 08:57:47 maxv Exp $       */
+/*     $NetBSD: npf_inet.c,v 1.46 2018/03/22 09:04:25 maxv Exp $       */
 
 /*-
  * Copyright (c) 2009-2014 The NetBSD Foundation, Inc.
@@ -40,7 +40,7 @@
 
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_inet.c,v 1.45 2018/03/22 08:57:47 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_inet.c,v 1.46 2018/03/22 09:04:25 maxv Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -336,10 +336,15 @@
                        return NPC_FMTERR;
                }
 
-               /* Check header length and fragment offset. */
+               /* Retrieve the complete header. */
                if ((u_int)(ip->ip_hl << 2) < sizeof(struct ip)) {
                        return NPC_FMTERR;
                }
+               ip = nbuf_ensure_contig(nbuf, (u_int)(ip->ip_hl << 2));
+               if (ip == NULL) {
+                       return NPC_FMTERR;
+               }
+
                if (ip->ip_off & ~htons(IP_DF | IP_RF)) {
                        /* Note fragmentation. */
                        flags |= NPC_IPFRAG;
@@ -424,6 +429,10 @@
                        npc->npc_hlen += hlen;
                }
 
+               if (ip6e == NULL) {
+                       return NPC_FMTERR;
+               }
+
                /*
                 * Re-fetch the header pointers (nbufs might have been
                 * reallocated).  Restore the original offset (if any).



Home | Main Index | Thread Index | Old Index