Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-6-1]: src/sys/net Pull up following revision(s) (requested by max...
details: https://anonhg.NetBSD.org/src/rev/b427dad4e58f
branches: netbsd-6-1
changeset: 776168:b427dad4e58f
user: snj <snj%NetBSD.org@localhost>
date: Sun Feb 05 05:47:28 2017 +0000
description:
Pull up following revision(s) (requested by maxv in ticket #1429):
sys/net/if_arcsubr.c: revision 1.76 via patch
sys/net/if_ecosubr.c: revision 1.50 via patch
sys/net/if_ethersubr.c: revision 1.236 via patch
sys/net/if_fddisubr.c: revision 1.104 via patch
sys/net/if_tokensubr.c: revision 1.80 via patch
Don't forget to free the mbuf when we decide not to reply to an ARP
request. This obviously is a terrible bug, since it allows a remote sender
to DoS the system with specially-crafted requests sent in a loop.
diffstat:
sys/net/if_arcsubr.c | 8 +++++---
sys/net/if_ecosubr.c | 17 +++++++++++------
sys/net/if_ethersubr.c | 5 +++--
sys/net/if_fddisubr.c | 8 +++++---
sys/net/if_tokensubr.c | 8 +++++---
5 files changed, 29 insertions(+), 17 deletions(-)
diffs (169 lines):
diff -r 1ba5b0256400 -r b427dad4e58f sys/net/if_arcsubr.c
--- a/sys/net/if_arcsubr.c Sun Nov 13 06:45:09 2016 +0000
+++ b/sys/net/if_arcsubr.c Sun Feb 05 05:47:28 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_arcsubr.c,v 1.63.14.1 2012/10/23 16:19:47 riz Exp $ */
+/* $NetBSD: if_arcsubr.c,v 1.63.14.1.2.1 2017/02/05 05:47:28 snj Exp $ */
/*
* Copyright (c) 1994, 1995 Ignatios Souvatzis
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_arcsubr.c,v 1.63.14.1 2012/10/23 16:19:47 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_arcsubr.c,v 1.63.14.1.2.1 2017/02/05 05:47:28 snj Exp $");
#include "opt_inet.h"
@@ -196,8 +196,10 @@
adst = arcbroadcastaddr;
else {
uint8_t *tha = ar_tha(arph);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
adst = *tha;
}
diff -r 1ba5b0256400 -r b427dad4e58f sys/net/if_ecosubr.c
--- a/sys/net/if_ecosubr.c Sun Nov 13 06:45:09 2016 +0000
+++ b/sys/net/if_ecosubr.c Sun Feb 05 05:47:28 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ecosubr.c,v 1.36 2011/11/20 12:15:38 kiyohara Exp $ */
+/* $NetBSD: if_ecosubr.c,v 1.36.18.1 2017/02/05 05:47:28 snj Exp $ */
/*-
* Copyright (c) 2001 Ben Harris
@@ -58,7 +58,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ecosubr.c,v 1.36 2011/11/20 12:15:38 kiyohara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ecosubr.c,v 1.36.18.1 2017/02/05 05:47:28 snj Exp $");
#include "opt_inet.h"
#include "opt_pfil_hooks.h"
@@ -242,8 +242,10 @@
case AF_ARP:
ah = mtod(m, struct arphdr *);
- if (ntohs(ah->ar_pro) != ETHERTYPE_IP)
- return EAFNOSUPPORT;
+ if (ntohs(ah->ar_pro) != ETHERTYPE_IP) {
+ error = EAFNOSUPPORT;
+ goto bad;
+ }
ehdr.eco_port = ECO_PORT_IP;
switch (ntohs(ah->ar_op)) {
case ARPOP_REQUEST:
@@ -253,7 +255,8 @@
ehdr.eco_control = ECO_CTL_ARP_REPLY;
break;
default:
- return EOPNOTSUPP;
+ error = EOPNOTSUPP;
+ goto bad;
}
if (m->m_flags & M_BCAST)
@@ -261,8 +264,10 @@
ECO_ADDR_LEN);
else {
tha = ar_tha(ah);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
memcpy(ehdr.eco_dhost, tha, ECO_ADDR_LEN);
}
diff -r 1ba5b0256400 -r b427dad4e58f sys/net/if_ethersubr.c
--- a/sys/net/if_ethersubr.c Sun Nov 13 06:45:09 2016 +0000
+++ b/sys/net/if_ethersubr.c Sun Feb 05 05:47:28 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.188.8.3.2.1 2014/06/18 09:34:27 msaitoh Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.188.8.3.2.2 2017/02/05 05:47:28 snj Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.188.8.3.2.1 2014/06/18 09:34:27 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.188.8.3.2.2 2017/02/05 05:47:28 snj Exp $");
#include "opt_inet.h"
#include "opt_atalk.h"
@@ -307,6 +307,7 @@
if (tha == NULL) {
/* fake with ARPHDR_IEEE1394 */
+ m_freem(m);
return 0;
}
memcpy(edst, tha, sizeof(edst));
diff -r 1ba5b0256400 -r b427dad4e58f sys/net/if_fddisubr.c
--- a/sys/net/if_fddisubr.c Sun Nov 13 06:45:09 2016 +0000
+++ b/sys/net/if_fddisubr.c Sun Feb 05 05:47:28 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_fddisubr.c,v 1.81.14.1 2012/10/31 16:07:46 riz Exp $ */
+/* $NetBSD: if_fddisubr.c,v 1.81.14.1.2.1 2017/02/05 05:47:28 snj Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -96,7 +96,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_fddisubr.c,v 1.81.14.1 2012/10/31 16:07:46 riz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_fddisubr.c,v 1.81.14.1.2.1 2017/02/05 05:47:28 snj Exp $");
#include "opt_gateway.h"
#include "opt_inet.h"
@@ -303,8 +303,10 @@
memcpy(edst, etherbroadcastaddr, sizeof(edst));
else {
void *tha = ar_tha(ah);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
memcpy(edst, tha, sizeof(edst));
}
diff -r 1ba5b0256400 -r b427dad4e58f sys/net/if_tokensubr.c
--- a/sys/net/if_tokensubr.c Sun Nov 13 06:45:09 2016 +0000
+++ b/sys/net/if_tokensubr.c Sun Feb 05 05:47:28 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_tokensubr.c,v 1.61 2011/07/19 19:42:27 tron Exp $ */
+/* $NetBSD: if_tokensubr.c,v 1.61.18.1 2017/02/05 05:47:28 snj Exp $ */
/*
* Copyright (c) 1982, 1989, 1993
@@ -92,7 +92,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_tokensubr.c,v 1.61 2011/07/19 19:42:27 tron Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_tokensubr.c,v 1.61.18.1 2017/02/05 05:47:28 snj Exp $");
#include "opt_inet.h"
#include "opt_atalk.h"
@@ -305,8 +305,10 @@
}
else {
void *tha = ar_tha(ah);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
memcpy(edst, tha, sizeof(edst));
trh = (struct token_header *)M_TRHSTART(m);
trh->token_ac = TOKEN_AC;
Home |
Main Index |
Thread Index |
Old Index