Hi, I would like to move the common length check in pf_pull_hdr() after the address family switch. This makes the specific calculation more obvious.
ok? bluhm
Index: net/pf.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/net/pf.c,v
retrieving revision 1.1026
diff -u -p -r1.1026 pf.c
--- net/pf.c 20 May 2017 22:56:43 -0000 1.1026
+++ net/pf.c 23 May 2017 00:48:35 -0000
@@ -5611,6 +5611,8 @@ void *
 pf_pull_hdr(struct mbuf *m, int off, void *p, int len,
 u_short *actionp, u_short *reasonp, sa_family_t af)
 {
+ int iplen = 0;
+
 switch (af) {
 case AF_INET: {
 struct ip *h = mtod(m, struct ip *);
@@ -5625,28 +5627,22 @@ pf_pull_hdr(struct mbuf *m, int off, voi
 }
 return (NULL);
 }
- if (m->m_pkthdr.len < off + len ||
- ntohs(h->ip_len) < off + len) {
- ACTION_SET(actionp, PF_DROP);
- REASON_SET(reasonp, PFRES_SHORT);
- return (NULL);
- }
+ iplen = ntohs(h->ip_len);
 break;
 }
 #ifdef INET6
 case AF_INET6: {
 struct ip6_hdr *h = mtod(m, struct ip6_hdr *);
 
- if (m->m_pkthdr.len < off + len ||
- (ntohs(h->ip6_plen) + sizeof(struct ip6_hdr)) <
- (unsigned)(off + len)) {
- ACTION_SET(actionp, PF_DROP);
- REASON_SET(reasonp, PFRES_SHORT);
- return (NULL);
- }
+ iplen = ntohs(h->ip6_plen) + sizeof(struct ip6_hdr);
 break;
 }
 #endif /* INET6 */
+ }
+ if (m->m_pkthdr.len < off + len || iplen < off + len) {
+ ACTION_SET(actionp, PF_DROP);
+ REASON_SET(reasonp, PFRES_SHORT);
+ return (NULL);
 }
 m_copydata(m, off, len, p);
 return (p);
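Review bot: The initialiser `int iplen = 0;` silently becomes the length used for any `af` the switch does not handle, and nothing in the code says so. No default case is visible in these hunks, so an unhandled family (or AF_INET6 in a kernel built without INET6) appears to fall through to the common check, where `iplen < off + len` holds for any positive `off + len` and the packet is dropped as PFRES_SHORT; before this change that path seems to have reached m_copydata() with no length check at all. The fail-closed result is the safer one, but it should be stated, e.g. `int iplen = 0;	/* unhandled af: common length check below drops it */`. The function body continues past this hunk.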
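Review bot: The merged test `iplen < off + len` after the switch is a signed int comparison, while the IPv6 test it replaces compared against `(unsigned)(off + len)`. With the old cast a negative `off + len` became a very large value and failed the IPv6 check; with the new code a negative sum satisfies neither clause and the call proceeds to m_copydata(). Whether any caller can pass a negative `off` or `len` is not visible in this hunk, so either document that precondition or keep the guard explicit, e.g. `if (off < 0 || len < 0 || m->m_pkthdr.len < off + len || iplen < off + len) {`. The IPv4 comparison was already signed, so only the IPv6 path changes behaviour here.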