Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src/sys/netinet6 Pull up revision 1.23 (via patch, requeste...
details: https://anonhg.NetBSD.org/src/rev/78b9b4fcdf5a
branches: netbsd-1-5
changeset: 490748:78b9b4fcdf5a
user: he <he%NetBSD.org@localhost>
date: Mon Feb 26 22:11:42 2001 +0000
description:
Pull up revision 1.23 (via patch, requested by itojun):
Correct option parsing during AH checksum computation.
diffstat:
sys/netinet6/ah_core.c | 15 +++++++++++++--
1 files changed, 13 insertions(+), 2 deletions(-)
diffs (50 lines):
diff -r a6745a3b32cd -r 78b9b4fcdf5a sys/netinet6/ah_core.c
--- a/sys/netinet6/ah_core.c Mon Feb 26 22:10:03 2001 +0000
+++ b/sys/netinet6/ah_core.c Mon Feb 26 22:11:42 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ah_core.c,v 1.19.2.2 2001/02/26 21:53:48 he Exp $ */
+/* $NetBSD: ah_core.c,v 1.19.2.3 2001/02/26 22:11:42 he Exp $ */
/* $KAME: ah_core.c,v 1.36 2000/07/15 16:07:48 itojun Exp $ */
/*
@@ -834,6 +834,8 @@
i = sizeof(struct ip);
while (i < hlen) {
if (i + IPOPT_OPTVAL >= hlen) {
+ ipseclog((LOG_ERR, "ah4_calccksum: "
+ "invalid IP option\n"));
error = EINVAL;
goto fail;
}
@@ -842,6 +844,10 @@
i + IPOPT_OLEN < hlen)
;
else {
+ ipseclog((LOG_ERR,
+ "ah4_calccksum: invalid IP option "
+ "(type=%02x)\n",
+ p[i + IPOPT_OPTVAL]));
error = EINVAL;
goto fail;
}
@@ -859,14 +865,19 @@
case 0x94: /* Router alert */
case 0x95: /* RFC1770 */
l = p[i + IPOPT_OLEN];
+ if (l < 2)
+ goto invalopt;
skip = 0;
break;
default:
l = p[i + IPOPT_OLEN];
+ if (l < 2)
+ goto invalopt;
skip = 1;
break;
}
- if (l <= 0 || hlen - i < l) {
+ if (l < 1 || hlen - i < l) {
+ invalopt:
ipseclog((LOG_ERR,
"ah4_calccksum: invalid IP option "
"(type=%02x len=%02x)\n",
Home |
Main Index |
Thread Index |
Old Index