Date: Wed, 23 Jul 2025 14:23:44 GMT
From: Kristof Provost <kp@FreeBSD.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject: git: 15fa3e7ec77e - main - pf: move IPv4 packet length check up
Message-ID: <202507231423.56NENiIm031073@gitrepo.freebsd.org>
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=15fa3e7ec77e113de793ad23caa35dcbf6770c9d commit 15fa3e7ec77e113de793ad23caa35dcbf6770c9d Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-07-15 14:40:21 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-07-23 13:35:43 +0000 pf: move IPv4 packet length check up Perform this check ("Do we have enough data for the IP length?") so it happens before normalisation. Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 009f7e4d78b1..9517e9b8c9bc 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -10090,6 +10090,13 @@ pf_setup_pdesc(sa_family_t af, int dir, struct pf_pdesc *pd, struct mbuf **m0, return (-1); } + h = mtod(pd->m, struct ip *); + if (pd->m->m_pkthdr.len < ntohs(h->ip_len)) { + *action = PF_DROP; + REASON_SET(reason, PFRES_SHORT); + return (-1); + } + if (pf_normalize_ip(reason, pd) != PF_PASS) { /* We do IP header normalization and packet reassembly here */ *m0 = pd->m; @@ -10097,13 +10104,7 @@ pf_setup_pdesc(sa_family_t af, int dir, struct pf_pdesc *pd, struct mbuf **m0, return (-1); } *m0 = pd->m; - h = mtod(pd->m, struct ip *); - if (pd->m->m_pkthdr.len < ntohs(h->ip_len)) { - *action = PF_DROP; - REASON_SET(reason, PFRES_SHORT); - return (-1); - } if (pf_walk_header(pd, h, reason) != PF_PASS) { *action = PF_DROP;
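Review bot: The block added in the first hunk (@@ -10090,6 +10090,13), directly above the `pf_normalize_ip(reason, pd)` call, carries no comment explaining that it has to run before normalisation, so a later cleanup could move it back below the call without noticing the ordering requirement. Suggest a one-line comment above `if (pd->m->m_pkthdr.len < ntohs(h->ip_len)) {` that repeats the commit message's intent: the packet must hold at least `ip_len` bytes before normalisation and reassembly are attempted.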
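Review bot: In the second hunk (@@ -10097,13 +10104,7), removing `h = mtod(pd->m, struct ip *);` after `*m0 = pd->m;` means the `h` handed to `pf_walk_header(pd, h, reason)` is the pointer taken before `pf_normalize_ip()` ran. The comment inside that branch says the call does header normalisation and packet reassembly, and `*m0` is reassigned from `pd->m` straight after it, so `pd->m` may no longer be the mbuf that `h` was derived from. Suggest moving only the length test up and keeping the reload `h = mtod(pd->m, struct ip *);` after `*m0 = pd->m;` so the header walk reads from the current mbuf.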