diff options
| author | bz <bz@FreeBSD.org> | 2011-08-20 13:46:19 +0000 |
|---|---|---|
| committer | bz <bz@FreeBSD.org> | 2011-08-20 13:46:19 +0000 |
| commit | 0ac1f49cb05b5e484263072785a85a98d2dbfe25 (patch) | |
| tree | 7639cf5601b9a047ec61a0d92430516b97c7da3c | |
| parent | 90bed46bcee236b59a312e6c676707f3db838e2d (diff) | |
| download | FreeBSD-src-0ac1f49cb05b5e484263072785a85a98d2dbfe25.zip FreeBSD-src-0ac1f49cb05b5e484263072785a85a98d2dbfe25.tar.gz | |
If we detect an IPv6 fragment header and it is not the first fragment,
then terminate the loop as we will not find any further headers and
for short fragments this could otherwise lead to a pullup error
discarding the fragment.
PR: kern/145733
Submitted by: Matthew Luckie (mjl luckie.org.nz)
MFC after: 2 weeks
Approved by: re (kib)
| -rw-r--r-- | sys/netinet/ipfw/ip_fw2.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/netinet/ipfw/ip_fw2.c b/sys/netinet/ipfw/ip_fw2.c index 56354ad..f028fbb 100644 --- a/sys/netinet/ipfw/ip_fw2.c +++ b/sys/netinet/ipfw/ip_fw2.c @@ -978,7 +978,7 @@ do { \ proto = ip6->ip6_nxt; /* Search extension headers to find upper layer protocols */ - while (ulp == NULL) { + while (ulp == NULL && offset == 0) { switch (proto) { case IPPROTO_ICMPV6: PULLUP_TO(hlen, ulp, struct icmp6_hdr); |
