CVSROOT: /cvs Module name: src Changes by: [email protected] 2013/06/17 13:50:06
Modified files:
sys/net : pf.c pf_norm.c
Log message:
Before pulling the TCP options from the mbuf onto the stack, do an
additional length check in pf_modulate_sack() and pf_normalize_mss().
Overflow cannot happen due to the restricted values in the length
calculation. As this is not obvious, be better safe than sorry.
OK henning@
