From owner-freebsd-security Tue Dec 22 08:50:54 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA15137 for freebsd-security-outgoing; Tue, 22 Dec 1998 08:50:54 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from horse.supranet.net (horse.supranet.net [205.164.160.8]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA15132 for ; Tue, 22 Dec 1998 08:50:52 -0800 (PST) (envelope-from john@arnie.jfive.com) Received: from snake.supranet.net (snake.supranet.net [205.164.160.19]) by horse.supranet.net (8.9.1/8.9.1) with SMTP id KAA01395 for ; Tue, 22 Dec 1998 10:50:44 -0600 (CST) Date: Tue, 22 Dec 1998 10:50:44 -0600 (CST) From: John Heyer X-Sender: john@snake.supranet.net To: security@FreeBSD.ORG Subject: Re: CERT CA-98-13, patch needed In-Reply-To: <199812221221.JAA04130@ns1.sminter.com.ar> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 22 Dec 1998, Fernando Schapachnik wrote: > Just remove the "3D"s from the patch and it will apply. > > Regards. > Here's mine if anybody's too lazy to do it themselves or doesn't know C. I'm running 2.2.5 and the patch was actually around line 465, but it should work regardless. The directory is /usr/src/sys/netinet --- ip_input.c 1998/10/27 09:19:03 1.104 +++ ip_input.c 1998/11/11 21:17:59 1.105 @@ -513,7 +513,7 @@ */ if (ip->ip_off & (IP_MF | IP_OFFMASK | IP_RF)) { if (m->m_flags & M_EXT) { /* XXX */ - if ((m = m_pullup(m, sizeof (struct ip))) == 0) { + if ((m = m_pullup(m, hlen)) == 0) { ipstat.ips_toosmall++; #ifdef IPDIVERT frag_divert_port = 0; -- "Mr. Spock, your mind is incedibly logical and analytical!" "Thank you." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message