Date: Tue, 17 Mar 2015 02:22:21 +0100
From: Kristof Provost <kristof@sigsegv.be>
To: "Andrey V. Elsukov" <bu7cher@yandex.ru>
Cc: freebsd-net@freebsd.org, Philip Paeps <philip@freebsd.org>
Subject: Re: Padded packets in ip6_input()
Message-ID: <20150317012221.GD2036@vega.codepro.be>
In-Reply-To: <5505891E.4060109@yandex.ru>
References: <20150315063651.GA2036@vega.codepro.be> <5505891E.4060109@yandex.ru>

On 2015-03-15 16:29:02 (+0300), Andrey V. Elsukov <bu7cher@yandex.ru> wrote:
> This is very rare case, I think, but plen can be zero in case, when
> jumbo payload option is present. Probably this is the reason why this
> check is done after hop-by-hop options parsing.
>
You're right, I missed that. The proposed patch is wrong.

I think we can get away with doing the trim before the pfil() hook (only
if plen != 0). That'd mean we don't do the size check before pfil(), but
that's almost certainly something the firewalls handle (I'll check when
I find a bit of time).

There's perhaps also a risk of not doing the trim in the jumbo frame
case, but the existing code already (correctly) drops jumbo packets
shorter than 65k.

I'll look at it a bit more (either doing the above or ensuring all
firewalls handle trailing data correctly) later.

Regards,
Kristof
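
The trim-before-pfil() idea discussed in this message, modelled in userland C as an added example (not FreeBSD code and not the patch from the thread). The function name, the enum and the constructed sample packets are hypothetical; a flat byte buffer stands in for the mbuf chain.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IP6_HDR_LEN 40u /* size of the fixed IPv6 header */

enum early_action { EARLY_KEEP, EARLY_TRIM, EARLY_DEFER, EARLY_SHORT };

/*
 * Decide what to do with trailing bytes before the packet is handed to the
 * firewall hook. pkt/pktlen are the received bytes starting at the IPv6
 * header. *newlen is the length the packet should have afterwards.
 */
static enum early_action
early_trim_decision(const uint8_t *pkt, size_t pktlen, size_t *newlen)
{
    *newlen = pktlen;
    if (pktlen < IP6_HDR_LEN)
        return EARLY_SHORT;
    /* Payload Length field: bytes 4-5 of the header, network byte order. */
    uint16_t plen = (uint16_t)((pkt[4] << 8) | pkt[5]);
    if (plen == 0)   /* possible jumbogram: the real length is in the */
        return EARLY_DEFER; /* hop-by-hop option, so do not trim here */
    size_t want = IP6_HDR_LEN + plen;
    if (pktlen < want)      /* truncated: only reported here, the size */
        return EARLY_SHORT; /* check itself stays after option parsing */
    if (pktlen > want) {
        *newlen = want;     /* drop link-layer padding past the payload */
        return EARLY_TRIM;
    }
    return EARLY_KEEP;
}

int main(void)
{
    static const char *names[] = { "keep", "trim", "defer", "short" };
    uint8_t pkt[64] = { 0x60 };      /* constructed sample: version 6 */
    size_t lens[] = { 48, 54, 44 };  /* exact, padded, truncated */
    size_t n;

    pkt[5] = 8;                      /* Payload Length = 8 */
    for (size_t i = 0; i < 3; i++) {
        enum early_action a = early_trim_decision(pkt, lens[i], &n);
        printf("len=%zu -> %s, newlen=%zu\n", lens[i], names[a], n);
    }
    pkt[5] = 0;                      /* Payload Length = 0 (jumbo case) */
    printf("plen=0 -> %s\n", names[early_trim_decision(pkt, 60, &n)]);
    return 0;
}
```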