Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 20 Aug 2011 13:46:19 +0000 (UTC)
From:      "Bjoern A. Zeeb" <bz@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r225033 - head/sys/netinet/ipfw
Message-ID:  <201108201346.p7KDkJ1L054243@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: bz
Date: Sat Aug 20 13:46:19 2011
New Revision: 225033
URL: http://svn.freebsd.org/changeset/base/225033

Log:
  If we detect an IPv6 fragment header and it is not the first fragment,
  then terminate the loop as we will not find any further headers and
  for short fragments this could otherwise lead to a pullup error
  discarding the fragment.
  
  PR:		kern/145733
  Submitted by:	Matthew Luckie (mjl luckie.org.nz)
  MFC after:	2 weeks
  Approved by:	re (kib)

Modified:
  head/sys/netinet/ipfw/ip_fw2.c

Modified: head/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- head/sys/netinet/ipfw/ip_fw2.c	Sat Aug 20 13:17:47 2011	(r225032)
+++ head/sys/netinet/ipfw/ip_fw2.c	Sat Aug 20 13:46:19 2011	(r225033)
@@ -978,7 +978,7 @@ do {								\
 		proto = ip6->ip6_nxt;
 
 		/* Search extension headers to find upper layer protocols */
-		while (ulp == NULL) {
+		while (ulp == NULL && offset == 0) {
 			switch (proto) {
 			case IPPROTO_ICMPV6:
 				PULLUP_TO(hlen, ulp, struct icmp6_hdr);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201108201346.p7KDkJ1L054243>