Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netinet6 fix missing check for taillen against pkthdr.le...
details: https://anonhg.NetBSD.org/src/rev/bdec2a0455bc
branches: trunk
changeset: 549035:bdec2a0455bc
user: itojun <itojun%NetBSD.org@localhost>
date: Fri Jul 04 00:49:18 2003 +0000
description:
fix missing check for taillen against pkthdr.len. markus@openbsd
diffstat:
sys/netinet6/esp_input.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diffs (29 lines):
diff -r c14548859f3e -r bdec2a0455bc sys/netinet6/esp_input.c
--- a/sys/netinet6/esp_input.c Fri Jul 04 00:37:23 2003 +0000
+++ b/sys/netinet6/esp_input.c Fri Jul 04 00:49:18 2003 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: esp_input.c,v 1.29 2003/05/14 06:47:39 itojun Exp $ */
+/* $NetBSD: esp_input.c,v 1.30 2003/07/04 00:49:18 itojun Exp $ */
/* $KAME: esp_input.c,v 1.60 2001/09/04 08:43:19 itojun Exp $ */
/*
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: esp_input.c,v 1.29 2003/05/14 06:47:39 itojun Exp $");
+__KERNEL_RCSID(0, "$NetBSD: esp_input.c,v 1.30 2003/07/04 00:49:18 itojun Exp $");
#include "opt_inet.h"
@@ -330,8 +330,8 @@
nxt = esptail.esp_nxt;
taillen = esptail.esp_padlen + sizeof(esptail);
- if (m->m_pkthdr.len < taillen
- || m->m_pkthdr.len - taillen < hlen) { /* ? */
+ if (m->m_pkthdr.len < taillen ||
+ m->m_pkthdr.len - taillen < off + esplen + ivlen + sizeof(esptail)) {
ipseclog((LOG_WARNING,
"bad pad length in IPv4 ESP input: %s %s\n",
ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
Home |
Main Index |
Thread Index |
Old Index