summaryrefslogtreecommitdiff
path: root/sys/netinet
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2010-12-21 19:16:16 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2010-12-21 19:16:16 +0000
commitb8f93236e139a325a6aec2b47b12ecbfab8aaf99 (patch)
tree5595594b5032a379c582cc1730fcdafe0841e2f7 /sys/netinet
parent98535b7c16eaa01c99cf50771b7fd8c80c33e3ec (diff)
don't leak short packets; ok mikeb@
Diffstat (limited to 'sys/netinet')
-rw-r--r--sys/netinet/ipsec_input.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c
index f9e1b1ee14d..1c565a10040 100644
--- a/sys/netinet/ipsec_input.c
+++ b/sys/netinet/ipsec_input.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec_input.c,v 1.98 2010/07/09 16:58:06 reyk Exp $ */
+/* $OpenBSD: ipsec_input.c,v 1.99 2010/12/21 19:16:15 markus Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -1013,6 +1013,9 @@ ah6_input(struct mbuf **mp, int *offp, int proto)
if (*offp < sizeof(struct ip6_hdr)) {
DPRINTF(("ah6_input(): bad offset\n"));
+ ahstat.ahs_hdrops++;
+ m_freem(*mp);
+ *mp = NULL;
return IPPROTO_DONE;
} else if (*offp == sizeof(struct ip6_hdr)) {
protoff = offsetof(struct ip6_hdr, ip6_nxt);
@@ -1102,6 +1105,9 @@ esp6_input(struct mbuf **mp, int *offp, int proto)
if (*offp < sizeof(struct ip6_hdr)) {
DPRINTF(("esp6_input(): bad offset\n"));
+ espstat.esps_hdrops++;
+ m_freem(*mp);
+ *mp = NULL;
return IPPROTO_DONE;
} else if (*offp == sizeof(struct ip6_hdr)) {
protoff = offsetof(struct ip6_hdr, ip6_nxt);
@@ -1159,6 +1165,9 @@ ipcomp6_input(struct mbuf **mp, int *offp, int proto)
if (*offp < sizeof(struct ip6_hdr)) {
DPRINTF(("ipcomp6_input(): bad offset\n"));
+ ipcompstat.ipcomps_hdrops++;
+ m_freem(*mp);
+ *mp = NULL;
return IPPROTO_DONE;
} else if (*offp == sizeof(struct ip6_hdr)) {
protoff = offsetof(struct ip6_hdr, ip6_nxt);