01/07/2026 18:20, Stephen Hemminger:
> The IP reassembly library tracks only a running byte total and reserved
> slots for the first and last fragments, with no coverage map. As a result
> it mishandles duplicate, overlapping, oversized, and misheadered
> fragments, and the IPv4 key is missing a field RFC 791 requires. There
> was also no functional test to catch any of it.
> 
> These came out of reviewing a duplicate-fragment report on the list.
> 
> Patches 1 and 2 are interdependent: the overlap discard relies on the
> duplicate handling so an exact duplicate is dropped on its own rather
> than discarding the whole datagram. The rest are independent.
> 
> Patch 6 adds a functional test modeled on the Linux selftest ip_defrag.c.
> It passes on this series; with any single fix reverted the matching case
> fails.
> 
> v3 - drop stable from one patch and reword release note
> 
> Stephen Hemminger (8):
>   ip_frag: tolerate duplicate fragments
>   ip_frag: discard datagrams with overlapping fragments
>   ip_frag: include protocol in IPv4 reassembly key
>   ip_frag: drop IPv6 fragments with per-fragment headers
>   ip_frag: reject oversized reassembled datagrams
>   app/test: add test for IP reassembly
>   ip_frag: remove use of rte_memcpy
>   doc: add release note about ip_frag changes

doc squashed in relevant commits atomically,
applied, thanks.


Reply via email to