Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-7-0]: src/sys/net Pull up following revision(s) (requested by max...
details: https://anonhg.NetBSD.org/src/rev/1c1be0738789
branches: netbsd-7-0
changeset: 801275:1c1be0738789
user: snj <snj%NetBSD.org@localhost>
date: Sun Feb 05 19:14:01 2017 +0000
description:
Pull up following revision(s) (requested by maxv in ticket #1355):
sys/net/if_arcsubr.c: revision 1.76 via patch
sys/net/if_ecosubr.c: revision 1.50 via patch
sys/net/if_ethersubr.c: revision 1.236 via patch
sys/net/if_fddisubr.c: revision 1.104 via patch
sys/net/if_tokensubr.c: revision 1.80 via patch
Don't forget to free the mbuf when we decide not to reply to an ARP
request. This obviously is a terrible bug, since it allows a remote sender
to DoS the system with specially-crafted requests sent in a loop.
diffstat:
sys/net/if_arcsubr.c | 8 +++++---
sys/net/if_ecosubr.c | 17 +++++++++++------
sys/net/if_ethersubr.c | 5 +++--
sys/net/if_fddisubr.c | 8 +++++---
sys/net/if_tokensubr.c | 8 +++++---
5 files changed, 29 insertions(+), 17 deletions(-)
diffs (169 lines):
diff -r cace817076fa -r 1c1be0738789 sys/net/if_arcsubr.c
--- a/sys/net/if_arcsubr.c Sun Jan 29 05:25:27 2017 +0000
+++ b/sys/net/if_arcsubr.c Sun Feb 05 19:14:01 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_arcsubr.c,v 1.66 2014/06/05 23:48:16 rmind Exp $ */
+/* $NetBSD: if_arcsubr.c,v 1.66.6.1 2017/02/05 19:14:01 snj Exp $ */
/*
* Copyright (c) 1994, 1995 Ignatios Souvatzis
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_arcsubr.c,v 1.66 2014/06/05 23:48:16 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_arcsubr.c,v 1.66.6.1 2017/02/05 19:14:01 snj Exp $");
#include "opt_inet.h"
@@ -196,8 +196,10 @@
adst = arcbroadcastaddr;
else {
uint8_t *tha = ar_tha(arph);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
adst = *tha;
}
diff -r cace817076fa -r 1c1be0738789 sys/net/if_ecosubr.c
--- a/sys/net/if_ecosubr.c Sun Jan 29 05:25:27 2017 +0000
+++ b/sys/net/if_ecosubr.c Sun Feb 05 19:14:01 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ecosubr.c,v 1.40.2.1 2014/12/01 11:38:43 martin Exp $ */
+/* $NetBSD: if_ecosubr.c,v 1.40.2.1.2.1 2017/02/05 19:14:01 snj Exp $ */
/*-
* Copyright (c) 2001 Ben Harris
@@ -58,7 +58,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ecosubr.c,v 1.40.2.1 2014/12/01 11:38:43 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ecosubr.c,v 1.40.2.1.2.1 2017/02/05 19:14:01 snj Exp $");
#include "opt_inet.h"
@@ -241,8 +241,10 @@
case AF_ARP:
ah = mtod(m, struct arphdr *);
- if (ntohs(ah->ar_pro) != ETHERTYPE_IP)
- return EAFNOSUPPORT;
+ if (ntohs(ah->ar_pro) != ETHERTYPE_IP) {
+ error = EAFNOSUPPORT;
+ goto bad;
+ }
ehdr.eco_port = ECO_PORT_IP;
switch (ntohs(ah->ar_op)) {
case ARPOP_REQUEST:
@@ -252,7 +254,8 @@
ehdr.eco_control = ECO_CTL_ARP_REPLY;
break;
default:
- return EOPNOTSUPP;
+ error = EOPNOTSUPP;
+ goto bad;
}
if (m->m_flags & M_BCAST)
@@ -260,8 +263,10 @@
ECO_ADDR_LEN);
else {
tha = ar_tha(ah);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
memcpy(ehdr.eco_dhost, tha, ECO_ADDR_LEN);
}
diff -r cace817076fa -r 1c1be0738789 sys/net/if_ethersubr.c
--- a/sys/net/if_ethersubr.c Sun Jan 29 05:25:27 2017 +0000
+++ b/sys/net/if_ethersubr.c Sun Feb 05 19:14:01 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.204 2014/08/10 16:44:36 tls Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.204.4.1 2017/02/05 19:14:01 snj Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.204 2014/08/10 16:44:36 tls Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.204.4.1 2017/02/05 19:14:01 snj Exp $");
#include "opt_inet.h"
#include "opt_atalk.h"
@@ -299,6 +299,7 @@
if (tha == NULL) {
/* fake with ARPHDR_IEEE1394 */
+ m_freem(m);
return 0;
}
memcpy(edst, tha, sizeof(edst));
diff -r cace817076fa -r 1c1be0738789 sys/net/if_fddisubr.c
--- a/sys/net/if_fddisubr.c Sun Jan 29 05:25:27 2017 +0000
+++ b/sys/net/if_fddisubr.c Sun Feb 05 19:14:01 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_fddisubr.c,v 1.88 2014/06/07 09:34:02 martin Exp $ */
+/* $NetBSD: if_fddisubr.c,v 1.88.6.1 2017/02/05 19:14:01 snj Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -96,7 +96,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_fddisubr.c,v 1.88 2014/06/07 09:34:02 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_fddisubr.c,v 1.88.6.1 2017/02/05 19:14:01 snj Exp $");
#include "opt_gateway.h"
#include "opt_inet.h"
@@ -294,8 +294,10 @@
memcpy(edst, etherbroadcastaddr, sizeof(edst));
else {
void *tha = ar_tha(ah);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
memcpy(edst, tha, sizeof(edst));
}
diff -r cace817076fa -r 1c1be0738789 sys/net/if_tokensubr.c
--- a/sys/net/if_tokensubr.c Sun Jan 29 05:25:27 2017 +0000
+++ b/sys/net/if_tokensubr.c Sun Feb 05 19:14:01 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: if_tokensubr.c,v 1.65 2014/06/05 23:48:16 rmind Exp $ */
+/* $NetBSD: if_tokensubr.c,v 1.65.4.1 2017/02/05 19:14:01 snj Exp $ */
/*
* Copyright (c) 1982, 1989, 1993
@@ -92,7 +92,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_tokensubr.c,v 1.65 2014/06/05 23:48:16 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_tokensubr.c,v 1.65.4.1 2017/02/05 19:14:01 snj Exp $");
#include "opt_inet.h"
#include "opt_atalk.h"
@@ -295,8 +295,10 @@
}
else {
void *tha = ar_tha(ah);
- if (tha == NULL)
+ if (tha == NULL) {
+ m_freem(m);
return 0;
+ }
memcpy(edst, tha, sizeof(edst));
trh = (struct token_header *)M_TRHSTART(m);
trh->token_ac = TOKEN_AC;
Home |
Main Index |
Thread Index |
Old Index