Module Name: src
Committed By: maxv
Date: Tue May 29 08:24:59 UTC 2018
Modified Files:
src/sys/net: if_ethersubr.c
Log Message:
Replace KASSERT by m_pullup. While the ethernet header is always there
when the packet was received on a physical interface, it may not be if
the packet was received over L2TP/EtherIP.
In particular, if the inner ethernet header ends up on two separate IP
fragments. Here the KASSERT is triggered, and on !DIAGNOSTIC we corrupt
memory.
Note that this is a widespread problem: a lot of L2 code was written with
the assumption that "most" headers are present in the first mbuf.
Obviously, that's not true if L2 encapsulation is being used.
To generate a diff of this commit:
cvs rdiff -u -r1.266 -r1.267 src/sys/net/if_ethersubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ethersubr.c
diff -u src/sys/net/if_ethersubr.c:1.266 src/sys/net/if_ethersubr.c:1.267
--- src/sys/net/if_ethersubr.c:1.266 Wed May 9 06:35:10 2018
+++ src/sys/net/if_ethersubr.c Tue May 29 08:24:59 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.266 2018/05/09 06:35:10 maxv Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.267 2018/05/29 08:24:59 maxv Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.266 2018/05/09 06:35:10 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.267 2018/05/29 08:24:59 maxv Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -588,12 +588,16 @@ ether_input(struct ifnet *ifp, struct mb
KASSERT(!cpu_intr_p());
KASSERT((m->m_flags & M_PKTHDR) != 0);
- KASSERT(m->m_len >= sizeof(*eh));
if ((ifp->if_flags & IFF_UP) == 0) {
m_freem(m);
return;
}
+ if (m->m_len < sizeof(*eh)) {
+ m = m_pullup(m, sizeof(*eh));
+ if (m == NULL)
+ return;
+ }
#ifdef MBUFTRACE
m_claimm(m, &ec->ec_rx_mowner);
