CVS commit: src/sys

Roy Marples Wed, 07 Sep 2016 08:42:11 -0700

Module Name:    src
Committed By:   roy
Date:           Wed Sep  7 15:41:44 UTC 2016


Modified Files:
        src/sys/netinet: ip_input.c
        src/sys/netinet6: ip6_input.c

Log Message:
Disallow input to detached addresses because they are not yet valid.


To generate a diff of this commit:
cvs rdiff -u -r1.340 -r1.341 src/sys/netinet/ip_input.c
cvs rdiff -u -r1.167 -r1.168 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet/ip_input.c
diff -u src/sys/netinet/ip_input.c:1.340 src/sys/netinet/ip_input.c:1.341
--- src/sys/netinet/ip_input.c:1.340	Wed Aug 31 09:14:47 2016
+++ src/sys/netinet/ip_input.c	Wed Sep  7 15:41:44 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.340 2016/08/31 09:14:47 ozaki-r Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.341 2016/09/07 15:41:44 roy Exp $	*/
 
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,7 +91,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.340 2016/08/31 09:14:47 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.341 2016/09/07 15:41:44 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -382,7 +382,8 @@ ip_match_our_address(struct ifnet *ifp, 
 				continue;
 			if (checkif && ia->ia_ifp != ifp)
 				continue;
-			if ((ia->ia_ifp->if_flags & IFF_UP) != 0)
+			if ((ia->ia_ifp->if_flags & IFF_UP) != 0 &&
+			    (ia->ia4_flags & IN_IFF_DETACHED) == 0)
 				break;
 			else
 				(*downmatch)++;
@@ -402,7 +403,7 @@ ip_match_our_address_broadcast(struct if
 		if (ifa->ifa_addr->sa_family != AF_INET)
 			continue;
 		ia = ifatoia(ifa);
-		if (ia->ia4_flags & IN_IFF_NOTREADY)
+		if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED))
 			continue;
 		if (in_hosteq(ip->ip_dst, ia->ia_broadaddr.sin_addr) ||
 		    in_hosteq(ip->ip_dst, ia->ia_netbroadcast) ||

Index: src/sys/netinet6/ip6_input.c
diff -u src/sys/netinet6/ip6_input.c:1.167 src/sys/netinet6/ip6_input.c:1.168
--- src/sys/netinet6/ip6_input.c:1.167	Wed Aug 31 09:14:47 2016
+++ src/sys/netinet6/ip6_input.c	Wed Sep  7 15:41:44 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_input.c,v 1.167 2016/08/31 09:14:47 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_input.c,v 1.168 2016/09/07 15:41:44 roy Exp $	*/
 /*	$KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.167 2016/08/31 09:14:47 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.168 2016/09/07 15:41:44 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_gateway.h"
@@ -504,7 +504,7 @@ ip6_input(struct mbuf *m, struct ifnet *
 		 * packets to a tentative, duplicated, or somehow invalid
 		 * address must not be accepted.
 		 */
-		if (!(ia6->ia6_flags & IN6_IFF_NOTREADY)) {
+		if (!(ia6->ia6_flags & (IN6_IFF_NOTREADY | IN6_IFF_DETACHED))) {
 			/* this address is ready */
 			ours = 1;
 			deliverifp = ia6->ia_ifp;	/* correct? */

CVS commit: src/sys

Reply via email to