summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorae <ae@FreeBSD.org>2017-07-03 10:10:04 +0000
committerae <ae@FreeBSD.org>2017-07-03 10:10:04 +0000
commit1b1001711cd25830b9dcd1ab518fa6bf0b7a3f11 (patch)
tree3a3e0a17381c2706f88ea5c325e75e568a6240a5
parent9fe2315a0e711f5c57add00556019d65dc1a609e (diff)
downloadFreeBSD-src-1b1001711cd25830b9dcd1ab518fa6bf0b7a3f11.zip
FreeBSD-src-1b1001711cd25830b9dcd1ab518fa6bf0b7a3f11.tar.gz
Merge from stable/11 r320593:
Fix IPv6 extension header parsing. The length field doesn't include the first 8 octets. Obtained from: Yandex LLC Approved by: re (marius)
Diffstat
-rw-r--r--sys/netpfil/ipfw/nat64/nat64_translate.c2
-rw-r--r--sys/netpfil/ipfw/nptv6/nptv6.c2
-rw-r--r--sys/netpfil/ipfw/pmod/tcpmod.c2
3 files changed, 3 insertions, 3 deletions
diff --git a/sys/netpfil/ipfw/nat64/nat64_translate.c b/sys/netpfil/ipfw/nat64/nat64_translate.c
index aefd0f9..25b4e14 100644
--- a/sys/netpfil/ipfw/nat64/nat64_translate.c
+++ b/sys/netpfil/ipfw/nat64/nat64_translate.c
@@ -1054,7 +1054,7 @@ nat64_getlasthdr(struct mbuf *m, int *offset)
if (proto == IPPROTO_HOPOPTS && ip6->ip6_plen == 0)
return (-1);
proto = hbh->ip6h_nxt;
- hlen += hbh->ip6h_len << 3;
+ hlen += (hbh->ip6h_len + 1) << 3;
}
if (offset != NULL)
*offset = hlen;
diff --git a/sys/netpfil/ipfw/nptv6/nptv6.c b/sys/netpfil/ipfw/nptv6/nptv6.c
index da86975..c720a33 100644
--- a/sys/netpfil/ipfw/nptv6/nptv6.c
+++ b/sys/netpfil/ipfw/nptv6/nptv6.c
@@ -125,7 +125,7 @@ nptv6_getlasthdr(struct nptv6_cfg *cfg, struct mbuf *m, int *offset)
if (m->m_len < hlen)
return (-1);
proto = hbh->ip6h_nxt;
- hlen += hbh->ip6h_len << 3;
+ hlen += (hbh->ip6h_len + 1) << 3;
}
if (offset != NULL)
*offset = hlen;
diff --git a/sys/netpfil/ipfw/pmod/tcpmod.c b/sys/netpfil/ipfw/pmod/tcpmod.c
index fc2bfb5..10b6d2d 100644
--- a/sys/netpfil/ipfw/pmod/tcpmod.c
+++ b/sys/netpfil/ipfw/pmod/tcpmod.c
@@ -137,7 +137,7 @@ tcpmod_ipv6_setmss(struct mbuf **mp, uint16_t mss)
proto == IPPROTO_DSTOPTS) {
hbh = mtodo(*mp, hlen);
proto = hbh->ip6h_nxt;
- hlen += hbh->ip6h_len << 3;
+ hlen += (hbh->ip6h_len + 1) << 3;
}
tcp = mtodo(*mp, hlen);
plen = (*mp)->m_pkthdr.len - hlen;
OpenPOWER on IntegriCloud