Module Name: src
Committed By: ozaki-r
Date: Mon Mar 20 09:15:52 UTC 2023
Modified Files:
src/sys/netinet6: ip6_output.c
Log Message:
in6: reject setting negative values but -1 via setsockopt(IPV6_CHECKSUM)
Same as OpenBSD.
To generate a diff of this commit:
cvs rdiff -u -r1.232 -r1.233 src/sys/netinet6/ip6_output.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.232 src/sys/netinet6/ip6_output.c:1.233
--- src/sys/netinet6/ip6_output.c:1.232 Fri Jan 27 09:33:43 2023
+++ src/sys/netinet6/ip6_output.c Mon Mar 20 09:15:52 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ip6_output.c,v 1.232 2023/01/27 09:33:43 ozaki-r Exp $ */
+/* $NetBSD: ip6_output.c,v 1.233 2023/03/20 09:15:52 ozaki-r Exp $ */
/* $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.232 2023/01/27 09:33:43 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.233 2023/03/20 09:15:52 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1984,8 +1984,12 @@ ip6_raw_ctloutput(int op, struct socket
error = sockopt_getint(sopt, &optval);
if (error)
break;
- if ((optval % 2) != 0) {
- /* the API assumes even offset values */
+ if (optval < -1 ||
+ (optval > 0 && (optval % 2) != 0)) {
+ /*
+ * The API assumes non-negative even offset
+ * values or -1 as a special value.
+ */
error = EINVAL;
} else if (so->so_proto->pr_protocol ==
IPPROTO_ICMPV6) {
