summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNiklas Hallqvist <niklas@cvs.openbsd.org>1998-11-25 02:01:29 +0000
committerNiklas Hallqvist <niklas@cvs.openbsd.org>1998-11-25 02:01:29 +0000
commitdf0457dc198642163b2ac78650e8a965f86aae27 (patch)
tree0377953b1f02bbe170d979bfd6f03702aaca03a9
parent9eace93090ecd5af22f4c9832c2e581cca6fd70f (diff)
Add checks of packets getting to big after transforms.
Also make sure some more error conditions get told to the caller.
-rw-r--r--sys/netinet/ip_ah.h3
-rw-r--r--sys/netinet/ip_ah_new.c13
-rw-r--r--sys/netinet/ip_ah_old.c13
-rw-r--r--sys/netinet/ip_esp.h3
-rw-r--r--sys/netinet/ip_esp_new.c11
-rw-r--r--sys/netinet/ip_esp_old.c14
6 files changed, 48 insertions, 9 deletions
diff --git a/sys/netinet/ip_ah.h b/sys/netinet/ip_ah.h
index 1e19c80a32d..1df84dbb1b5 100644
--- a/sys/netinet/ip_ah.h
+++ b/sys/netinet/ip_ah.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ah.h,v 1.12 1998/05/18 21:10:31 provos Exp $ */
+/* $OpenBSD: ip_ah.h,v 1.13 1998/11/25 02:01:28 niklas Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -86,6 +86,7 @@ struct ahstat
u_int32_t ahs_invalid; /* Trying to use an invalid TDB */
u_int64_t ahs_ibytes; /* input bytes */
u_int64_t ahs_obytes; /* output bytes */
+ u_int32_t ahs_toobig; /* packet got larger than IP_MAXPACKET */
};
#define AH_HMAC_HASHLEN 12 /* 96 bits of authenticator */
diff --git a/sys/netinet/ip_ah_new.c b/sys/netinet/ip_ah_new.c
index ed8a442d0ce..1b4dd48ca7f 100644
--- a/sys/netinet/ip_ah_new.c
+++ b/sys/netinet/ip_ah_new.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ah_new.c,v 1.18 1998/06/03 09:50:18 provos Exp $ */
+/* $OpenBSD: ip_ah_new.c,v 1.19 1998/11/25 02:01:27 niklas Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -568,7 +568,7 @@ ah_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb,
DPRINTF(("ah_new_output(): m_pullup() failed, SA &x/%08x\n",
tdb->tdb_dst, ntohl(tdb->tdb_spi)));
ahstat.ahs_hdrops++;
- return NULL;
+ return ENOBUFS;
}
ip = mtod(m, struct ip *);
@@ -583,6 +583,15 @@ ah_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb,
ilen = ntohs(ip->ip_len);
ohlen = AH_NEW_FLENGTH;
+ if (ohlen + ilen > IP_MAXPACKET) {
+ if (encdebug)
+ log(LOG_ALERT,
+ "ah_new_output(): packet in SA %x/%0x8 got too big\n",
+ tdb->tdb_dst, ntohl(tdb->tdb_spi));
+ m_freem(m);
+ ahstat.ahs_toobig++;
+ return ENOBUFS;
+ }
ipo.ip_v = IPVERSION;
ipo.ip_hl = ip->ip_hl;
diff --git a/sys/netinet/ip_ah_old.c b/sys/netinet/ip_ah_old.c
index 2b4bd0d3fb1..25f5883c055 100644
--- a/sys/netinet/ip_ah_old.c
+++ b/sys/netinet/ip_ah_old.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ah_old.c,v 1.15 1998/06/03 09:50:19 provos Exp $ */
+/* $OpenBSD: ip_ah_old.c,v 1.16 1998/11/25 02:01:26 niklas Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -473,7 +473,7 @@ ah_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb,
DPRINTF(("ah_old_output(): m_pullup() failed, SA &x/%08x\n",
tdb->tdb_dst, ntohl(tdb->tdb_spi)));
ahstat.ahs_hdrops++;
- return NULL;
+ return ENOBUFS;
}
ip = mtod(m, struct ip *);
@@ -488,6 +488,15 @@ ah_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb,
ilen = ntohs(ip->ip_len);
ohlen = AH_OLD_FLENGTH + alen;
+ if (ohlen + ilen > IP_MAXPACKET) {
+ if (encdebug)
+ log(LOG_ALERT,
+ "ah_old_output(): packet in SA %x/%0x8 got too big\n",
+ tdb->tdb_dst, ntohl(tdb->tdb_spi));
+ m_freem(m);
+ ahstat.ahs_toobig++;
+ return ENOBUFS;
+ }
ipo.ip_v = IPVERSION;
ipo.ip_hl = ip->ip_hl;
diff --git a/sys/netinet/ip_esp.h b/sys/netinet/ip_esp.h
index 31fa69160e0..75ba8bf53aa 100644
--- a/sys/netinet/ip_esp.h
+++ b/sys/netinet/ip_esp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_esp.h,v 1.17 1998/05/18 21:10:41 provos Exp $ */
+/* $OpenBSD: ip_esp.h,v 1.18 1998/11/25 02:01:28 niklas Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -117,6 +117,7 @@ struct espstat
u_int32_t esps_invalid; /* Trying to use an invalid TDB */
u_int64_t esps_ibytes; /* input bytes */
u_int64_t esps_obytes; /* output bytes */
+ u_int32_t esps_toobig; /* packet got larger than IP_MAXPACKET */
};
struct esp_old_xdata
diff --git a/sys/netinet/ip_esp_new.c b/sys/netinet/ip_esp_new.c
index 4459236771b..3b8f386146e 100644
--- a/sys/netinet/ip_esp_new.c
+++ b/sys/netinet/ip_esp_new.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_esp_new.c,v 1.25 1998/11/25 01:02:59 niklas Exp $ */
+/* $OpenBSD: ip_esp_new.c,v 1.26 1998/11/25 02:01:27 niklas Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -933,6 +933,15 @@ esp_new_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb,
/* Raw payload length */
rlen = ilen - iphlen;
padding = ((blks - ((rlen + 2) % blks)) % blks) + 2;
+ if (iphlen + ohlen + rlen + padding + alen > IP_MAXPACKET) {
+ if (encdebug)
+ log(LOG_ALERT,
+ "esp_new_output(): packet in SA %x/%0x8 got too big\n",
+ tdb->tdb_dst, ntohl(tdb->tdb_spi));
+ m_freem(m);
+ espstat.esps_toobig++;
+ return ENOBUFS;
+ }
pad = (u_char *) m_pad(m, padding + alen);
if (pad == NULL)
diff --git a/sys/netinet/ip_esp_old.c b/sys/netinet/ip_esp_old.c
index f93d89259cf..02f80af4678 100644
--- a/sys/netinet/ip_esp_old.c
+++ b/sys/netinet/ip_esp_old.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_esp_old.c,v 1.20 1998/07/30 08:41:21 provos Exp $ */
+/* $OpenBSD: ip_esp_old.c,v 1.21 1998/11/25 02:01:27 niklas Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
@@ -624,8 +624,18 @@ esp_old_output(struct mbuf *m, struct sockaddr_encap *gw, struct tdb *tdb,
ipo = *ip;
nh = ipo.ip_p;
- rlen = ilen - iphlen; /* raw payload length */
+ /* Raw payload length */
+ rlen = ilen - iphlen;
padding = ((blks - ((rlen + 2) % blks)) % blks) + 2;
+ if (iphlen + ohlen + rlen + padding > IP_MAXPACKET) {
+ if (encdebug)
+ log(LOG_ALERT,
+ "esp_old_output(): packet in SA %x/%0x8 got too big\n",
+ tdb->tdb_dst, ntohl(tdb->tdb_spi));
+ m_freem(m);
+ espstat.esps_toobig++;
+ return ENOBUFS;
+ }
pad = (u_char *) m_pad(m, padding);
if (pad == NULL)