diff options
| author |   deraadt <deraadt@openbsd.org> | 1998-12-28 23:54:57 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 1998-12-28 23:54:57 +0000 |
| commit | 49d7a964bc50017d63b519c83dfcf9b6d85f42fb (patch) | |
| tree | 0b545081f13770c818dbab18adc51bf9bba243a5 /sys | |
| parent | use getcwd(3) (diff) | |
| download | wireguard-openbsd-49d7a964bc50017d63b519c83dfcf9b6d85f42fb.tar.xz wireguard-openbsd-49d7a964bc50017d63b519c83dfcf9b6d85f42fb.zip | |
ensure the ip packet embedded inside an icmp packet has correct ip_len,
ip_off, ip_id. for udp, also correct uh_sum. ip_sum is still set to 0;
(all this debugged using nmap)
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/ip_input.c | 13 | ||||
| -rw-r--r-- | sys/netinet/udp_usrreq.c | 7 |
2 files changed, 17 insertions, 3 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 9b1f9cd4a02..8c893c4ee2c 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_input.c,v 1.33 1998/12/26 12:35:11 provos Exp $ */ +/* $OpenBSD: ip_input.c,v 1.34 1998/12/28 23:54:57 deraadt Exp $ */ /* $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $ */ /* @@ -911,6 +911,9 @@ ip_dooptions(m) return (0); bad: ip->ip_len -= ip->ip_hl << 2; /* XXX icmp_error adds in hdr length */ + HTONS(ip->ip_len); /* XXX because ip_input changed these three */ + HTONS(ip->ip_id); + HTONS(ip->ip_off); icmp_error(m, type, code, 0, 0); ipstat.ips_badoptions++; return (1); @@ -1154,6 +1157,8 @@ ip_forward(m, srcrt) } HTONS(ip->ip_id); if (ip->ip_ttl <= IPTTLDEC) { + HTONS(ip->ip_off); + HTONS(ip->ip_len); icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest, 0); return; } @@ -1172,6 +1177,8 @@ ip_forward(m, srcrt) rtalloc(&ipforward_rt); if (ipforward_rt.ro_rt == 0) { + HTONS(ip->ip_off); + HTONS(ip->ip_len); icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, dest, 0); return; } @@ -1263,6 +1270,10 @@ ip_forward(m, srcrt) code = 0; break; } + + ip = mtod(mcopy, struct ip *); + HTONS(ip->ip_off); + HTONS(ip->ip_len); icmp_error(mcopy, type, code, dest, destifp); } diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index b3bf8845dd5..1fe83330053 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.15 1998/05/18 21:11:12 provos Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.16 1998/12/28 23:54:58 deraadt Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -172,7 +172,7 @@ udp_input(m, va_alist) bzero(((struct ipovly *)ip)->ih_x1, sizeof ((struct ipovly *)ip)->ih_x1); ((struct ipovly *)ip)->ih_len = uh->uh_ulen; - if ((uh->uh_sum = in_cksum(m, len + sizeof (struct ip))) != 0) { + if (in_cksum(m, len + sizeof (struct ip)) != 0) { udpstat.udps_badsum++; m_freem(m); return; @@ -288,6 +288,9 @@ udp_input(m, va_alist) goto bad; } *ip = save_ip; + HTONS(ip->ip_len); + HTONS(ip->ip_id); + HTONS(ip->ip_off); icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PORT, 0, 0); return; } |