authorMike Frantzen <frantzen@cvs.openbsd.org>2001-08-31 23:05:23 +0000
committerMike Frantzen <frantzen@cvs.openbsd.org>2001-08-31 23:05:23 +0000
commitc2d23c9048ff7b007a809135fd6bfd4c74b10808 (patch)
treea20f78896696524a847d211e829b4b0883991641 /sys/net
parentdb8d0d80ee0abacb066ece3a7a7698a07eecc1d9 (diff)
Forgot to commit frag expire tuning before
Check for a short ip_hl. Could have caused proto headers to overlap IP header.
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/pf.c8
-rw-r--r--sys/net/pf_norm.c7
2 files changed, 10 insertions, 5 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 70e208fa407..aff74a2edbb 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.141 2001/08/28 08:12:17 dhartmei Exp $ */
+/* $OpenBSD: pf.c,v 1.142 2001/08/31 23:05:22 frantzen Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -3193,6 +3193,12 @@ pf_test(int dir, struct ifnet *ifp, struct mbuf **m0)
h = mtod(m, struct ip *);
off = h->ip_hl << 2;
+ if (off < sizeof(*h)) {
+ action = PF_DROP;
+ REASON_SET(&reason, PFRES_SHORT);
+ log = 1;
+ goto done;
+ }
switch (h->ip_p) {
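Review bot: The added guard bounds `off` only from below, so an `ip_hl` that claims more header than the packet actually carries still reaches the `switch (h->ip_p)` that follows. The hunk does not show whether `off` is compared with the packet length elsewhere in `pf_test`, so confirm that it is before protocol headers are read at `off`. A short comment above the check would record the reason, e.g. `/* ip_hl < 5: protocol header would overlap the IP header */`. If `off` is a signed int, `off < sizeof(*h)` is evaluated unsigned; that is harmless here because a 4-bit `ip_hl` shifted left by two is never negative. `pf_test` starts and ends outside the hunk.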
diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c
index 2d847cf497f..d7b7e3f4348 100644
--- a/sys/net/pf_norm.c
+++ b/sys/net/pf_norm.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_norm.c,v 1.6 2001/08/11 12:05:00 dhartmei Exp $ */
+/* $OpenBSD: pf_norm.c,v 1.7 2001/08/31 23:05:22 frantzen Exp $ */
/*
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
@@ -112,6 +112,7 @@ int pf_normalize_tcp(int, struct ifnet *, struct mbuf *,
struct pf_tree_node *tree_fragment;
struct pool pf_frent_pl, pf_frag_pl;
int pf_nfrents;
+extern int pftm_frag; /* Fragment expire timeout */
void
pf_normalize_init(void)
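Review bot: `extern int pftm_frag;` is declared by hand in pf_norm.c instead of coming from a shared header, so the compiler cannot check it against the definition, and a later change to the definition's type would be read here with the wrong type without any diagnostic. Moving the declaration into a header that both files include (not visible on this page) would keep the two in step. The comment could also state the unit, `/* Fragment expire timeout, in seconds */`, since the value is assigned to `tv_sec` in `pf_purge_expired_fragments`.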
@@ -127,8 +128,6 @@ pf_normalize_init(void)
TAILQ_INIT(&pf_fragqueue);
}
-#define FRAG_EXPIRE 30
-
void
pf_purge_expired_fragments(void)
{
@@ -138,7 +137,7 @@ pf_purge_expired_fragments(void)
microtime(&now);
timerclear(&expire);
- expire.tv_sec = FRAG_EXPIRE;
+ expire.tv_sec = pftm_frag;
timersub(&now, &expire, &expire);
while ((frag = TAILQ_LAST(&pf_fragqueue, pf_fragqueue)) != NULL) {
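Review bot: `expire.tv_sec = pftm_frag;` takes the fragment lifetime from a variable defined in another file, with no range check at the point of use. After `timersub(&now, &expire, &expire)`, a zero or negative value puts the cutoff at or after `now`, which presumably makes the loop purge every queued fragment, while a very large value keeps fragments queued far longer than the previous fixed 30 seconds. Where `pftm_frag` is set is not visible here, so confirm that the setter rejects out-of-range values, or guard the use, e.g. `expire.tv_sec = pftm_frag > 0 ? pftm_frag : 30;`. The body of `pf_purge_expired_fragments` continues outside the hunk.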