aboutsummaryrefslogtreecommitdiff
path: root/sbin/mount_ifs
diff options
context:
space:
mode:
authorKristof Provost <kp@FreeBSD.org>2022-07-05 17:27:00 +0000
committerKristof Provost <kp@FreeBSD.org>2022-07-05 17:27:00 +0000
commit6ba6c05cb2d4dd6510637fecb31e2b66e7495467 (patch)
tree9225c5b6a12af0b4e6c9ac8b48b32d3fbc45fa1e /sbin/mount_ifs
parentcbb019b831ad59ead34b825bf053169ebbe81bbf (diff)
downloadsrc-6ba6c05cb2d4dd6510637fecb31e2b66e7495467.tar.gz
src-6ba6c05cb2d4dd6510637fecb31e2b66e7495467.zip
if_ovpn: deal with short packets
If we receive a UDP packet (directed towards an active OpenVPN socket) which is too short to contain an OpenVPN header ('struct ovpn_wire_header') we wound up making m_copydata() read outside the mbuf, and panicking the machine. Explicitly check that the packet is long enough to copy the data we're interested in. If it's not we will pass the packet to userspace, just like we'd do for an unknown peer. Extend a test case to provoke this situation. Sponsored by: Rubicon Communications, LLC ("Netgate")
Diffstat (limited to 'sbin/mount_ifs')
0 files changed, 0 insertions, 0 deletions