Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

iipsec4_get_ulp(): Fix a reversed test that would have caused us to access 

bogus IP header data if presented with a short mbuf.
This commit is contained in:
thorpej 2004-03-02 00:50:57 +00:00
parent 9ff09d5dff
commit 68020cebc0
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sys/netipsec/ipsec.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: ipsec.c,v 1.7 2004/02/24 15:12:52 wiz Exp $ */
/* $NetBSD: ipsec.c,v 1.8 2004/03/02 00:50:57 thorpej Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.7 2004/02/24 15:12:52 wiz Exp $");
__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.8 2004/03/02 00:50:57 thorpej Exp $");
/*
* IPsec controller part.
@ -667,7 +667,7 @@ ipsec4_get_ulp(struct mbuf *m, struct secpolicyindex *spidx, int needport)
("ipsec4_get_ulp: packet too short"));
/* NB: ip_input() flips it into host endian XXX need more checking */
if (m->m_len < sizeof (struct ip)) {
if (m->m_len >= sizeof(struct ip)) {
struct ip *ip = mtod(m, struct ip *);
if (ip->ip_off & (IP_MF | IP_OFFMASK))
goto done;