From 28f4067fe0887b4870b0ec63b897ff1fa41e4602 Mon Sep 17 00:00:00 2001 From: wpaul Date: Tue, 8 Jul 2003 21:54:20 +0000 Subject: - In vlan_input(), always mask off all but the VLID bits from tags extracted from received frames, both in the IFCAP_VLAN_HWTAGGING case and not. (Some drivers may already do this masking internally, but doing it here doesn't hurt and insures consistency.) - In vlan_ioctl(), don't let the user set a VLAN ID value with anything besides the VLID bits set, otherwise we will have trouble matching an interface in vlan_input() later. PR: kern/46405 --- sys/net/if_vlan.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'sys/net/if_vlan.c') diff --git a/sys/net/if_vlan.c b/sys/net/if_vlan.c index 99b1dcf..5a92fae 100644 --- a/sys/net/if_vlan.c +++ b/sys/net/if_vlan.c @@ -394,7 +394,7 @@ vlan_input(struct ifnet *ifp, struct mbuf *m) * Packet is tagged, m contains a normal * Ethernet frame; the tag is stored out-of-band. */ - tag = *(u_int*)(mtag+1); + tag = EVL_VLANOFTAG(*(u_int*)(mtag+1)); m_tag_delete(m, mtag); } else { switch (ifp->if_type) { @@ -409,7 +409,7 @@ vlan_input(struct ifnet *ifp, struct mbuf *m) ("vlan_input: bad encapsulated protocols (%u)", ntohs(evl->evl_encap_proto))); - tag = ntohs(evl->evl_tag); + tag = EVL_VLANOFTAG(ntohs(evl->evl_tag)); /* * Restore the original ethertype. We'll remove @@ -737,6 +737,14 @@ vlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) error = ENOENT; break; } + /* + * Don't let the caller set up a VLAN tag with + * anything except VLID bits. + */ + if (vlr.vlr_tag & ~EVL_VLID_MASK) { + error = EINVAL; + break; + } error = vlan_config(ifv, p); if (error) break; -- cgit v1.1