summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sys/net/if.c15
-rw-r--r--sys/net/if.h4
-rw-r--r--sys/netinet6/in6.c6
-rw-r--r--sys/netinet6/in6_src.c11
-rw-r--r--sys/netinet6/ip6_mroute.c6
-rw-r--r--sys/netinet6/ip6_output.c27
-rw-r--r--sys/netinet6/nd6_rtr.c4
7 files changed, 45 insertions, 28 deletions
diff --git a/sys/net/if.c b/sys/net/if.c
index 9c8777b1fd2..9b4b8294af9 100644
--- a/sys/net/if.c
+++ b/sys/net/if.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if.c,v 1.76 2003/12/08 09:09:03 markus Exp $ */
+/* $OpenBSD: if.c,v 1.77 2003/12/10 03:30:21 itojun Exp $ */
/* $NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $ */
/*
@@ -144,7 +144,8 @@ ifinit()
if_slowtimo(&if_slowtim);
}
-int if_index = 0;
+static int if_index = 0;
+int if_indexlim = 0;
struct ifaddr **ifnet_addrs = NULL;
struct ifnet **ifindex2ifnet = NULL;
struct ifnet_head ifnet;
@@ -159,7 +160,6 @@ if_attachsetup(ifp)
struct ifnet *ifp;
{
struct ifaddr *ifa;
- static int if_indexlim = 8;
int wrapped = 0;
if (ifindex2ifnet == 0)
@@ -202,6 +202,8 @@ if_attachsetup(ifp)
caddr_t q;
oldlim = if_indexlim;
+ if (if_indexlim == 0)
+ if_indexlim = 8;
while (if_index >= if_indexlim)
if_indexlim <<= 1;
@@ -805,9 +807,10 @@ ifa_ifwithnet(addr)
char *addr_data = addr->sa_data, *cplim;
if (af == AF_LINK) {
- register struct sockaddr_dl *sdl = (struct sockaddr_dl *)addr;
- if (sdl->sdl_index && sdl->sdl_index <= if_index)
- return (ifnet_addrs[sdl->sdl_index]);
+ register struct sockaddr_dl *sdl = (struct sockaddr_dl *)addr;
+ if (sdl->sdl_index && sdl->sdl_index < if_indexlim &&
+ ifindex2ifnet[sdl->sdl_index])
+ return (ifnet_addrs[sdl->sdl_index]);
}
TAILQ_FOREACH(ifp, &ifnet, if_list) {
TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) {
diff --git a/sys/net/if.h b/sys/net/if.h
index ba18c0ad313..8d4459b48b8 100644
--- a/sys/net/if.h
+++ b/sys/net/if.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: if.h,v 1.46 2003/12/08 09:09:03 markus Exp $ */
+/* $OpenBSD: if.h,v 1.47 2003/12/10 03:30:21 itojun Exp $ */
/* $NetBSD: if.h,v 1.23 1996/05/07 02:40:27 thorpej Exp $ */
/*
@@ -554,7 +554,7 @@ do { \
extern struct ifnet_head ifnet;
extern struct ifnet **ifindex2ifnet;
extern struct ifnet *lo0ifp;
-extern int if_index;
+extern int if_indexlim;
void ether_ifattach(struct ifnet *);
void ether_ifdetach(struct ifnet *);
diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c
index 450765934bb..ed5de8808ed 100644
--- a/sys/netinet6/in6.c
+++ b/sys/netinet6/in6.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: in6.c,v 1.51 2003/06/24 07:47:54 itojun Exp $ */
+/* $OpenBSD: in6.c,v 1.52 2003/12/10 03:30:21 itojun Exp $ */
/* $KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $ */
/*
@@ -284,9 +284,11 @@ in6_ifindex2scopeid(idx)
struct ifaddr *ifa;
struct sockaddr_in6 *sin6;
- if (idx < 0 || if_index < idx)
+ if (idx < 0 || if_indexlim <= idx)
return -1;
ifp = ifindex2ifnet[idx];
+ if (!ifp)
+ return -1;
for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next)
{
diff --git a/sys/netinet6/in6_src.c b/sys/netinet6/in6_src.c
index 04adeaac949..82f12d20253 100644
--- a/sys/netinet6/in6_src.c
+++ b/sys/netinet6/in6_src.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: in6_src.c,v 1.15 2003/06/02 23:28:15 millert Exp $ */
+/* $OpenBSD: in6_src.c,v 1.16 2003/12/10 03:30:21 itojun Exp $ */
/* $KAME: in6_src.c,v 1.36 2001/02/06 04:08:17 itojun Exp $ */
/*
@@ -155,7 +155,8 @@ in6_selectsrc(dstsock, opts, mopts, ro, laddr, errorp)
* somewhere...
*/
if (dstsock->sin6_scope_id < 0 ||
- if_index < dstsock->sin6_scope_id) {
+ if_indexlim <= dstsock->sin6_scope_id ||
+ !ifindex2ifnet[dstsock->sin6_scope_id]) {
*errorp = ENXIO; /* XXX: better error? */
return (0);
}
@@ -370,7 +371,8 @@ in6_embedscope(in6, sin6, in6p, ifpp)
in6->s6_addr16[1] = htons(ifp->if_index);
} else if (scopeid) {
/* boundary check */
- if (scopeid < 0 || if_index < scopeid)
+ if (scopeid < 0 || if_indexlim <= scopeid ||
+ !ifindex2ifnet[scopeid])
return ENXIO; /* XXX EINVAL? */
ifp = ifindex2ifnet[scopeid];
/*XXX assignment to 16bit from 32bit variable */
@@ -416,7 +418,8 @@ in6_recoverscope(sin6, in6, ifp)
scopeid = ntohs(sin6->sin6_addr.s6_addr16[1]);
if (scopeid) {
/* sanity check */
- if (scopeid < 0 || if_index < scopeid)
+ if (scopeid < 0 || if_indexlim <= scopeid ||
+ !ifindex2ifnet[scopeid])
return ENXIO;
if (ifp && ifp->if_index != scopeid)
return ENXIO;
diff --git a/sys/netinet6/ip6_mroute.c b/sys/netinet6/ip6_mroute.c
index 334f8da93b9..1214d1a7250 100644
--- a/sys/netinet6/ip6_mroute.c
+++ b/sys/netinet6/ip6_mroute.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip6_mroute.c,v 1.40 2003/07/08 10:23:32 itojun Exp $ */
+/* $OpenBSD: ip6_mroute.c,v 1.41 2003/12/10 03:30:21 itojun Exp $ */
/* $KAME: ip6_mroute.c,v 1.45 2001/03/25 08:38:51 itojun Exp $ */
/*
@@ -599,9 +599,11 @@ add_m6if(mifcp)
mifp = mif6table + mifcp->mif6c_mifi;
if (mifp->m6_ifp)
return EADDRINUSE; /* XXX: is it appropriate? */
- if (mifcp->mif6c_pifi == 0 || mifcp->mif6c_pifi > if_index)
+ if (mifcp->mif6c_pifi == 0 || mifcp->mif6c_pifi >= if_indexlim)
return ENXIO;
ifp = ifindex2ifnet[mifcp->mif6c_pifi];
+ if (!ifp)
+ return ENXIO;
if (mifcp->mif6c_flags & MIFF_REGISTER) {
if (reg_mif_num == (mifi_t)-1) {
diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c
index 058c390b16d..15822664b40 100644
--- a/sys/netinet6/ip6_output.c
+++ b/sys/netinet6/ip6_output.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip6_output.c,v 1.79 2003/11/07 22:32:47 itojun Exp $ */
+/* $OpenBSD: ip6_output.c,v 1.80 2003/12/10 03:30:21 itojun Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
@@ -551,10 +551,10 @@ ip6_output(m0, opt, ro, flags, im6o, ifpp)
* (this may happen when we are sending a packet to one of
* our own addresses.)
*/
- if (opt && opt->ip6po_pktinfo
- && opt->ip6po_pktinfo->ipi6_ifindex) {
- if (!(ifp->if_flags & IFF_LOOPBACK)
- && ifp->if_index != opt->ip6po_pktinfo->ipi6_ifindex) {
+ if (opt && opt->ip6po_pktinfo &&
+ opt->ip6po_pktinfo->ipi6_ifindex) {
+ if (!(ifp->if_flags & IFF_LOOPBACK) &&
+ ifp->if_index != opt->ip6po_pktinfo->ipi6_ifindex) {
ip6stat.ip6s_noroute++;
in6_ifstat_inc(ifp, ifs6_out_discard);
error = EHOSTUNREACH;
@@ -1770,7 +1770,8 @@ ip6_setmoptions(optname, im6op, m)
break;
}
bcopy(mtod(m, u_int *), &ifindex, sizeof(ifindex));
- if (ifindex < 0 || if_index < ifindex) {
+ if (ifindex < 0 || if_indexlim <= ifindex ||
+ !ifindex2ifnet[ifindex]) {
error = ENXIO; /* XXX EINVAL? */
break;
}
@@ -1849,7 +1850,8 @@ ip6_setmoptions(optname, im6op, m)
* If the interface is specified, validate it.
*/
if (mreq->ipv6mr_interface < 0 ||
- if_index < mreq->ipv6mr_interface) {
+ if_indexlim <= mreq->ipv6mr_interface ||
+ !ifindex2ifnet[mreq->ipv6mr_interface]) {
error = ENXIO; /* XXX EINVAL? */
break;
}
@@ -1948,8 +1950,9 @@ ip6_setmoptions(optname, im6op, m)
* If an interface address was specified, get a pointer
* to its ifnet structure.
*/
- if (mreq->ipv6mr_interface < 0
- || if_index < mreq->ipv6mr_interface) {
+ if (mreq->ipv6mr_interface < 0 ||
+ if_indexlim <= mreq->ipv6mr_interface ||
+ !ifindex2ifnet[mreq->ipv6mr_interface]) {
error = ENXIO; /* XXX EINVAL? */
break;
}
@@ -2114,10 +2117,14 @@ ip6_setpktoptions(control, opt, priv)
opt->ip6po_pktinfo->ipi6_addr.s6_addr16[1] =
htons(opt->ip6po_pktinfo->ipi6_ifindex);
- if (opt->ip6po_pktinfo->ipi6_ifindex > if_index ||
+ if (opt->ip6po_pktinfo->ipi6_ifindex >= if_indexlim ||
opt->ip6po_pktinfo->ipi6_ifindex < 0) {
return (ENXIO);
}
+ if (opt->ip6po_pktinfo->ipi6_ifindex > 0 &&
+ !ifindex2ifnet[opt->ip6po_pktinfo->ipi6_ifindex]) {
+ return (ENXIO);
+ }
/*
* Check if the requested source address is indeed a
diff --git a/sys/netinet6/nd6_rtr.c b/sys/netinet6/nd6_rtr.c
index bc8dcd33cd9..9c5169ce2c0 100644
--- a/sys/netinet6/nd6_rtr.c
+++ b/sys/netinet6/nd6_rtr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nd6_rtr.c,v 1.29 2003/09/26 21:43:32 miod Exp $ */
+/* $OpenBSD: nd6_rtr.c,v 1.30 2003/12/10 03:30:21 itojun Exp $ */
/* $KAME: nd6_rtr.c,v 1.97 2001/02/07 11:09:13 itojun Exp $ */
/*
@@ -1979,7 +1979,7 @@ nd6_setdefaultiface(ifindex)
{
int error = 0;
- if (ifindex < 0 || if_index < ifindex)
+ if (ifindex < 0 || if_indexlim <= ifindex || !ifindex2ifnet[ifindex])
return (EINVAL);
if (nd6_defifindex != ifindex) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-29 10:34:09 +0000