From owner-svn-src-all@FreeBSD.ORG Sat Aug 20 13:46:19 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EDF96106566B; Sat, 20 Aug 2011 13:46:19 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id DD5048FC1B; Sat, 20 Aug 2011 13:46:19 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p7KDkJTP054245; Sat, 20 Aug 2011 13:46:19 GMT (envelope-from bz@svn.freebsd.org) Received: (from bz@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p7KDkJ1L054243; Sat, 20 Aug 2011 13:46:19 GMT (envelope-from bz@svn.freebsd.org) Message-Id: <201108201346.p7KDkJ1L054243@svn.freebsd.org> From: "Bjoern A. Zeeb" Date: Sat, 20 Aug 2011 13:46:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r225033 - head/sys/netinet/ipfw X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Aug 2011 13:46:20 -0000 Author: bz Date: Sat Aug 20 13:46:19 2011 New Revision: 225033 URL: http://svn.freebsd.org/changeset/base/225033 Log: If we detect an IPv6 fragment header and it is not the first fragment, then terminate the loop as we will not find any further headers and for short fragments this could otherwise lead to a pullup error discarding the fragment. PR: kern/145733 Submitted by: Matthew Luckie (mjl luckie.org.nz) MFC after: 2 weeks Approved by: re (kib) Modified: head/sys/netinet/ipfw/ip_fw2.c Modified: head/sys/netinet/ipfw/ip_fw2.c ============================================================================== --- head/sys/netinet/ipfw/ip_fw2.c Sat Aug 20 13:17:47 2011 (r225032) +++ head/sys/netinet/ipfw/ip_fw2.c Sat Aug 20 13:46:19 2011 (r225033) @@ -978,7 +978,7 @@ do { \ proto = ip6->ip6_nxt; /* Search extension headers to find upper layer protocols */ - while (ulp == NULL) { + while (ulp == NULL && offset == 0) { switch (proto) { case IPPROTO_ICMPV6: PULLUP_TO(hlen, ulp, struct icmp6_hdr);