diff options
| author | Vincenzo Maffione <vmaffione@FreeBSD.org> | 2021-09-26 13:44:51 +0000 |
|---|---|---|
| committer | Vincenzo Maffione <vmaffione@FreeBSD.org> | 2021-09-26 13:48:21 +0000 |
| commit | f7cef43aa9a357582a703c75dafa4a44c1b2f28c (patch) | |
| tree | 94c5dc315015deeb6ca02e4c46a95db45ba36721 | |
| parent | 8771ff75384dec8c9f95ce25b6ca9a639c4b208c (diff) | |
| download | src-f7cef43aa9a357582a703c75dafa4a44c1b2f28c.tar.gz src-f7cef43aa9a357582a703c75dafa4a44c1b2f28c.zip | |
nemtap: lb app: Validate ihl field when hashing packet
MFC after: 1 week
| -rw-r--r-- | tools/tools/netmap/pkt_hash.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/tools/tools/netmap/pkt_hash.c b/tools/tools/netmap/pkt_hash.c index 3071935e11ef..eb9704fd2058 100644 --- a/tools/tools/netmap/pkt_hash.c +++ b/tools/tools/netmap/pkt_hash.c @@ -150,7 +150,9 @@ decode_ip_n_hash(const struct ip *iph, uint8_t hash_split, uint8_t seed) { uint32_t rc = 0; - if (hash_split == 2) { + if (iph->ip_hl < 5 || iph->ip_hl * 4 > iph->ip_len) { + rc = 0; + } else if (hash_split == 2) { rc = sym_hash_fn(ntohl(iph->ip_src.s_addr), ntohl(iph->ip_dst.s_addr), ntohs(0xFFFD) + seed, |