diff options
| author | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2016-09-28 14:10:36 +0000 |
|---|---|---|
| committer | YASUOKA Masahiko <yasuoka@cvs.openbsd.org> | 2016-09-28 14:10:36 +0000 |
| commit | d7a57a01c493e8e1a5573fa924babef36847a906 (patch) | |
| tree | 38574a0e09f07a22f246f1cf9152ae38998d4e78 /sys | |
| parent | 2f9096fd3e93a71796efbe3d7ae288fd645abd79 (diff) | |
Fix the way of checking the length of vxlan packet and made it strict.
ok reyk
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/if_vxlan.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/sys/net/if_vxlan.c b/sys/net/if_vxlan.c index d8d887453ec..de6bfdca69a 100644 --- a/sys/net/if_vxlan.c +++ b/sys/net/if_vxlan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_vxlan.c,v 1.44 2016/09/04 11:14:44 reyk Exp $ */ +/* $OpenBSD: if_vxlan.c,v 1.45 2016/09/28 14:10:35 yasuoka Exp $ */ /* * Copyright (c) 2013 Reyk Floeter <reyk@openbsd.org> @@ -576,7 +576,6 @@ vxlan_lookup(struct mbuf *m, struct udphdr *uh, int iphlen, int vni; struct ifnet *ifp; int skip; - struct ether_header *eh; #if NBRIDGE > 0 struct bridge_tunneltag *brtag; #endif @@ -636,12 +635,12 @@ vxlan_lookup(struct mbuf *m, struct udphdr *uh, int iphlen, return (0); found: + if (m->m_pkthdr.len < skip + sizeof(struct ether_header) + ETHERMIN) + return (EINVAL); + m_adj(m, skip); ifp = &sc->sc_ac.ac_if; - if ((eh = mtod(m, struct ether_header *)) == NULL) - return (EINVAL); - #if NBRIDGE > 0 /* Store the tunnel src/dst IP and vni for the bridge or switch */ if ((ifp->if_bridgeport != NULL || ifp->if_switchport != NULL) && |