Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-9]: src/sys Pull up following revision(s) (requested by bouyer in...



details:   https://anonhg.NetBSD.org/src/rev/3bfe833c5490
branches:  netbsd-9
changeset: 1000850:3bfe833c5490
user:      martin <martin%NetBSD.org@localhost>
date:      Tue Sep 17 19:55:43 2019 +0000

description:
Pull up following revision(s) (requested by bouyer in ticket #208):

        sys/netinet6/ip6_input.c: revision 1.209
        sys/netinet/ip_input.c: revision 1.390

Packet filters can return an mbuf chain with fragmented headers, so
m_pullup() it if needed and remove the KASSERT()s.

diffstat:

 sys/netinet/ip_input.c   |  23 +++++++++++++++++++----
 sys/netinet6/ip6_input.c |  12 +++++++++---
 2 files changed, 28 insertions(+), 7 deletions(-)

diffs (79 lines):

diff -r a187deab6e64 -r 3bfe833c5490 sys/netinet/ip_input.c
--- a/sys/netinet/ip_input.c    Tue Sep 17 19:54:10 2019 +0000
+++ b/sys/netinet/ip_input.c    Tue Sep 17 19:55:43 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_input.c,v 1.389 2019/05/13 07:47:59 ozaki-r Exp $   */
+/*     $NetBSD: ip_input.c,v 1.389.2.1 2019/09/17 19:55:43 martin Exp $        */
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.389 2019/05/13 07:47:59 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.389.2.1 2019/09/17 19:55:43 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -581,10 +581,25 @@
                        IP_STATINC(IP_STAT_PFILDROP_IN);
                        goto out;
                }
-               KASSERT(m->m_len >= sizeof(struct ip));
+               if (__predict_false(m->m_len < sizeof(struct ip))) {
+                       if ((m = m_pullup(m, sizeof(struct ip))) == NULL) {
+                               IP_STATINC(IP_STAT_TOOSMALL);
+                               goto out;
+                       }
+               }
                ip = mtod(m, struct ip *);
                hlen = ip->ip_hl << 2;
-               KASSERT(m->m_len >= hlen);
+               if (hlen < sizeof(struct ip)) { /* minimum header length */
+                       IP_STATINC(IP_STAT_BADHLEN);
+                       goto out;
+               }
+               if (hlen > m->m_len) {
+                       if ((m = m_pullup(m, hlen)) == NULL) {
+                               IP_STATINC(IP_STAT_BADHLEN);
+                               goto out;
+                       }
+                       ip = mtod(m, struct ip *);
+               }
 
                /*
                 * XXX The setting of "srcrt" here is to prevent ip_forward()
diff -r a187deab6e64 -r 3bfe833c5490 sys/netinet6/ip6_input.c
--- a/sys/netinet6/ip6_input.c  Tue Sep 17 19:54:10 2019 +0000
+++ b/sys/netinet6/ip6_input.c  Tue Sep 17 19:55:43 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip6_input.c,v 1.208 2019/05/13 07:47:59 ozaki-r Exp $  */
+/*     $NetBSD: ip6_input.c,v 1.208.2.1 2019/09/17 19:55:43 martin Exp $       */
 /*     $KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $     */
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.208 2019/05/13 07:47:59 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.208.2.1 2019/09/17 19:55:43 martin Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_gateway.h"
@@ -356,7 +356,13 @@
                        IP6_STATINC(IP6_STAT_PFILDROP_IN);
                        return;
                }
-               KASSERT(m->m_len >= sizeof(struct ip6_hdr));
+               if (m->m_len < sizeof(struct ip6_hdr)) {
+                       if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
+                               IP6_STATINC(IP6_STAT_TOOSMALL);
+                               in6_ifstat_inc(rcvif, ifs6_in_hdrerr);
+                               return;
+                       }
+               }
                ip6 = mtod(m, struct ip6_hdr *);
                srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst);
        }



Home | Main Index | Thread Index | Old Index