diff options
author | vanhu <vanhu@FreeBSD.org> | 2009-10-01 15:33:53 +0000 |
---|---|---|
committer | vanhu <vanhu@FreeBSD.org> | 2009-10-01 15:33:53 +0000 |
commit | 4f56708582006aca1db129a86ef646499265ee9a (patch) | |
tree | a2ed1fb8d0602d6e7e0dba7dc02455dd2f65495c /sys/netipsec | |
parent | a73674620c7fa1fe443dd9e7532a797292aeb6e1 (diff) | |
download | FreeBSD-src-4f56708582006aca1db129a86ef646499265ee9a.zip FreeBSD-src-4f56708582006aca1db129a86ef646499265ee9a.tar.gz |
Changed an IPSEC_ASSERT to a simple test, as such invalid packets
may come from outside without being discarded before.
Submitted by: aurelien.ansel@netasq.com
Reviewed by: bz (secteam)
Obtained from: NETASQ
MFC after: 1m
Diffstat (limited to 'sys/netipsec')
-rw-r--r-- | sys/netipsec/xform_esp.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index 135be9d..dbacd77 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -282,9 +282,15 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) IPSEC_ASSERT(sav != NULL, ("null SA")); IPSEC_ASSERT(sav->tdb_encalgxform != NULL, ("null encoding xform")); - IPSEC_ASSERT((skip&3) == 0 && (m->m_pkthdr.len&3) == 0, - ("misaligned packet, skip %u pkt len %u", - skip, m->m_pkthdr.len)); + + /* Valid IP Packet length ? */ + if ( (skip&3) || (m->m_pkthdr.len&3) ){ + DPRINTF(("%s: misaligned packet, skip %u pkt len %u", + __func__, skip, m->m_pkthdr.len)); + V_espstat.esps_badilen++; + m_freem(m); + return EINVAL; + } /* XXX don't pullup, just copy header */ IP6_EXTHDR_GET(esp, struct newesp *, m, skip, sizeof (struct newesp)); |