svn commit: r197674 - head/sys/netipsec
VANHULLEBUS Yvan
vanhu at FreeBSD.org
Thu Oct 1 15:33:53 UTC 2009
Author: vanhu
Date: Thu Oct 1 15:33:53 2009
New Revision: 197674
URL: http://svn.freebsd.org/changeset/base/197674
Log:
Changed an IPSEC_ASSERT to a simple test, as such invalid packets
may come from outside without being discarded before.
Submitted by: aurelien.ansel at netasq.com
Reviewed by: bz (secteam)
Obtained from: NETASQ
MFC after: 1m
Modified:
head/sys/netipsec/xform_esp.c
Modified: head/sys/netipsec/xform_esp.c
==============================================================================
--- head/sys/netipsec/xform_esp.c Thu Oct 1 15:28:40 2009 (r197673)
+++ head/sys/netipsec/xform_esp.c Thu Oct 1 15:33:53 2009 (r197674)
@@ -282,9 +282,15 @@ esp_input(struct mbuf *m, struct secasva
IPSEC_ASSERT(sav != NULL, ("null SA"));
IPSEC_ASSERT(sav->tdb_encalgxform != NULL, ("null encoding xform"));
- IPSEC_ASSERT((skip&3) == 0 && (m->m_pkthdr.len&3) == 0,
- ("misaligned packet, skip %u pkt len %u",
- skip, m->m_pkthdr.len));
+
+ /* Valid IP Packet length ? */
+ if ( (skip&3) || (m->m_pkthdr.len&3) ){
+ DPRINTF(("%s: misaligned packet, skip %u pkt len %u",
+ __func__, skip, m->m_pkthdr.len));
+ V_espstat.esps_badilen++;
+ m_freem(m);
+ return EINVAL;
+ }
/* XXX don't pullup, just copy header */
IP6_EXTHDR_GET(esp, struct newesp *, m, skip, sizeof (struct newesp));
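Review bot: In the new `if` block, the DPRINTF format string "%s: misaligned packet, skip %u pkt len %u" has no trailing "\n", so with debugging enabled this message will run into whatever is logged next; add the newline. The comment "Valid IP Packet length ?" could also say why this is a runtime test rather than an assertion, as the commit log does: the lengths come from packets received from outside, so a misaligned one has to be counted and dropped here. Two style points on the same lines: `if ( (skip&3) || (m->m_pkthdr.len&3) ){` would read better as `if ((skip & 3) || (m->m_pkthdr.len & 3)) {`, and `return EINVAL;` as `return (EINVAL);`. The cleanup path itself looks complete: the mbuf is freed with m_freem(m) and esps_badilen is incremented before returning.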