If no vlan(4) interfaces are configured for the interface, and the

driver did VLAN decapsulation in hardware, we were passing a frame as if it came for the parent (non-VLAN) interface. Stop this from happening. Reminded by: glebius Security: This could pose a security risk in some setups
author: ru <ru@FreeBSD.org> 2005-02-14 08:29:42 +0000
committer: ru <ru@FreeBSD.org> 2005-02-14 08:29:42 +0000
commit: 5d07a7452ca61f2712d9a2614302164f98044d60 (patch)
tree: 9a7c782332039ec1c7936a888a0c43195f7b104b /sys/net/if_ethersubr.c
parent: 939f1dec3d5c099d697f9b51b5b2f4a1ab4dbbdb (diff)
download: FreeBSD-src-5d07a7452ca61f2712d9a2614302164f98044d60.zip
FreeBSD-src-5d07a7452ca61f2712d9a2614302164f98044d60.tar.gz
1 files changed, 10 insertions, 3 deletions
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index 0871077..22410e7 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -654,13 +654,20 @@ post_stats:
 #endif
 
 	/*
-	 * If VLANs are configured on the interface, check to
-	 * see if the device performed the decapsulation and
+	 * Check to see if the device performed the VLAN decapsulation and
 	 * provided us with the tag.
 	 */
-	if (ifp->if_nvlans &&
+	if (m_tag_first(m) != NULL &&
 	    m_tag_locate(m, MTAG_VLAN, MTAG_VLAN_TAG, NULL) != NULL) {
 		/*
+		 * If no VLANs are configured, drop.
+		 */
+		if (ifp->if_nvlans == 0) {
+			ifp->if_noproto++;
+			m_freem(m);
+			return;
+		}
+		/*
 		 * vlan_input() will either recursively call ether_input()
 		 * or drop the packet.
 		 */
author	ru <ru@FreeBSD.org>	2005-02-14 08:29:42 +0000
committer	ru <ru@FreeBSD.org>	2005-02-14 08:29:42 +0000
commit	5d07a7452ca61f2712d9a2614302164f98044d60 (patch)
tree	9a7c782332039ec1c7936a888a0c43195f7b104b /sys/net/if_ethersubr.c
parent	939f1dec3d5c099d697f9b51b5b2f4a1ab4dbbdb (diff)
download	FreeBSD-src-5d07a7452ca61f2712d9a2614302164f98044d60.zip FreeBSD-src-5d07a7452ca61f2712d9a2614302164f98044d60.tar.gz