diff options
| author |   itojun <itojun@openbsd.org> | 1999-12-21 15:41:07 +0000 |
|---|---|---|
| committer | itojun <itojun@openbsd.org> | 1999-12-21 15:41:07 +0000 |
| commit | e22543b469bbe9aa998f66c3273f52b01184c1fc (patch) | |
| tree | 9d348f7512bf6a0fc71e19452b597b042d71329f /sys/netinet/udp_usrreq.c | |
| parent | enable SACK again (diff) | |
| download | wireguard-openbsd-e22543b469bbe9aa998f66c3273f52b01184c1fc.tar.xz wireguard-openbsd-e22543b469bbe9aa998f66c3273f52b01184c1fc.zip | |
be paranoid about malicious use of v4 mapped addr on v6 packet.
malicious party may try to use v4 mapped addr as source/dest to
confuse tcp/udp layer, or to bypass security checks,
for example, naive stack can mistakingly think a packet with
src = ::ffff:127.0.0.1 is from local node.
(sync with kame)
Diffstat (limited to 'sys/netinet/udp_usrreq.c')
| -rw-r--r-- | sys/netinet/udp_usrreq.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 7ca77e74e76..1c5edcd4e55 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.32 1999/12/19 02:52:21 itojun Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.33 1999/12/21 15:41:08 itojun Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -287,6 +287,13 @@ udp_input(m, va_alist) savesum = uh->uh_sum; #ifdef INET6 if (ipv6) { + /* Be proactive about malicious use of IPv4 mapped address */ + if (IN6_IS_ADDR_V4MAPPED(&ipv6->ip6_src) || + IN6_IS_ADDR_V4MAPPED(&ipv6->ip6_dst)) { + /* XXX stat */ + goto bad; + } + /* * In IPv6, the UDP checksum is ALWAYS used. */ |