git: 7bc0cb91a2df - main - Revert "sbin/ping: allow normal users to specify larger packets" It is causing test failures.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 16 Oct 2024 05:24:18 UTC
The branch main has been updated by pfg: URL: https://cgit.FreeBSD.org/src/commit/?id=7bc0cb91a2dfc7e23d96efd0fb7866ee2a23ba88 commit 7bc0cb91a2dfc7e23d96efd0fb7866ee2a23ba88 Author: Pedro F. Giffuni <pfg@FreeBSD.org> AuthorDate: 2024-10-16 05:21:30 +0000 Commit: Pedro F. Giffuni <pfg@FreeBSD.org> CommitDate: 2024-10-16 05:23:58 +0000 Revert "sbin/ping: allow normal users to specify larger packets" It is causing test failures. This reverts commit 80a5b26871e90a0ad99d95bd129343471a7a36e3. --- sbin/ping/ping.8 | 3 ++- sbin/ping/ping.c | 11 ++++++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/sbin/ping/ping.8 b/sbin/ping/ping.8 index 951049d0f252..0eaec196e1e3 100644 --- a/sbin/ping/ping.8 +++ b/sbin/ping/ping.8 @@ -25,7 +25,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd October 15, 2024 +.Dd September 15, 2023 .Dt PING 8 .Os .Sh NAME @@ -312,6 +312,7 @@ with the 8 bytes of ICMP header data. .Pp +For IPv4, only the super-user may specify values more than default. This option cannot be used with ping sweeps. .Pp For IPv6, you may need to specify diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index e6b1247af497..d9d544bc75c8 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -96,8 +96,8 @@ #define DEFDATALEN 56 /* default data length */ #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */ /* runs out of buffer space */ -#define MAXIPLEN ((int)sizeof(struct ip) + MAX_IPOPTLEN) -#define MAXPAYLOAD (IP_MAXPACKET - MAXIPLEN - ICMP_MINLEN) +#define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN) +#define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN) #define MAXWAIT 10000 /* max ms to wait for response */ #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ #define MAXTOS 255 @@ -458,10 +458,11 @@ ping(int argc, char *const *argv) errx(EX_USAGE, "invalid packet size: `%s'", optarg); datalen = (int)ltmp; - if (datalen > MAXPAYLOAD) { - errx(EX_USAGE, + if (uid != 0 && datalen > DEFDATALEN) { + errno = EPERM; + err(EX_NOPERM, "packet size too large: %d > %u", - datalen, MAXPAYLOAD); + datalen, DEFDATALEN); } break; case 'T': /* multicast TTL */