summaryrefslogtreecommitdiffstats
path: root/sys/netinet6/ah_core.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/netinet6/ah_core.c')
-rw-r--r--sys/netinet6/ah_core.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/sys/netinet6/ah_core.c b/sys/netinet6/ah_core.c
index 92481db..477de51 100644
--- a/sys/netinet6/ah_core.c
+++ b/sys/netinet6/ah_core.c
@@ -788,6 +788,8 @@ again:
i = sizeof(struct ip);
while (i < hlen) {
if (i + IPOPT_OPTVAL >= hlen) {
+ ipseclog((LOG_ERR, "ah4_calccksum: "
+ "invalid IP option\n"));
error = EINVAL;
goto fail;
}
@@ -796,6 +798,10 @@ again:
i + IPOPT_OLEN < hlen)
;
else {
+ ipseclog((LOG_ERR,
+ "ah4_calccksum: invalid IP option "
+ "(type=%02x)\n",
+ p[i + IPOPT_OPTVAL]));
error = EINVAL;
goto fail;
}
@@ -813,14 +819,19 @@ again:
case 0x94: /* Router alert */
case 0x95: /* RFC1770 */
l = p[i + IPOPT_OLEN];
+ if (l < 2)
+ goto invalopt;
skip = 0;
break;
default:
l = p[i + IPOPT_OLEN];
+ if (l < 2)
+ goto invalopt;
skip = 1;
break;
}
- if (l <= 0 || hlen - i < l) {
+ if (l < 1 || hlen - i < l) {
+ invalopt:
ipseclog((LOG_ERR,
"ah4_calccksum: invalid IP option "
"(type=%02x len=%02x)\n",
OpenPOWER on IntegriCloud