diff options
| author | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2014-06-13 06:47:10 +0000 |
|---|---|---|
| committer | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2014-06-13 06:47:10 +0000 |
| commit | 85eeb1e3a9b977aa3728a40ff49136c90b39d210 (patch) | |
| tree | 7fffb51d68c04f9de9b210e50924a21a5dcf84a0 /sys/net/pipex.c | |
| parent | bed65f11bfe7696fd5d02c19174c617e45871949 (diff) | |
KASSERT in pipex_ppp_input() fails if a compressed PPP frame is received
by the pipex session whose mppe is not accepted. Fix ppp_common_input()
to not pass such frames to pipex.
Diffstat (limited to 'sys/net/pipex.c')
| -rw-r--r-- | sys/net/pipex.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/sys/net/pipex.c b/sys/net/pipex.c index cba7ad53ea5..2fec5362900 100644 --- a/sys/net/pipex.c +++ b/sys/net/pipex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pipex.c,v 1.52 2014/06/13 06:44:11 yasuoka Exp $ */ +/* $OpenBSD: pipex.c,v 1.53 2014/06/13 06:47:09 yasuoka Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -1040,9 +1040,13 @@ pipex_ppp_input(struct mbuf *m0, struct pipex_session *session, int decrypted) proto = pipex_ppp_proto(m0, session, 0, &hlen); #ifdef PIPEX_MPPE - if (pipex_session_is_mppe_accepted(session) && proto == PPP_COMP) { + if (proto == PPP_COMP) { if (decrypted) goto drop; + + /* checked this on ppp_common_input() already. */ + KASSERT(pipex_session_is_mppe_accepted(session)); + m_adj(m0, hlen); pipex_mppe_input(m0, session); return; @@ -1306,6 +1310,9 @@ pipex_common_input(struct pipex_session *session, struct mbuf *m0, int hlen, break; case PPP_COMP: + if (pipex_session_is_mppe_accepted(session)) + break; + goto not_ours; #endif case PPP_IP: #ifdef INET6 |