fix the length check on arp packets when handling arp filter rules.

author dlg <dlg@openbsd.org>

Wed, 24 Feb 2021 06:44:54 +0000 (06:44 +0000)

committer dlg <dlg@openbsd.org>

Wed, 24 Feb 2021 06:44:54 +0000 (06:44 +0000)
author dlg <dlg@openbsd.org>
Wed, 24 Feb 2021 06:44:54 +0000 (06:44 +0000)
committer dlg <dlg@openbsd.org>
Wed, 24 Feb 2021 06:44:54 +0000 (06:44 +0000)
diff --git a/sys/net/bridgectl.c b/sys/net/bridgectl.c

index b3fe4b6..5114da2 100644 (file)
--- a/sys/net/bridgectl.c
+++ b/sys/net/bridgectl.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: bridgectl.c,v 1.23 2021/01/28 20:06:38 mvs Exp $      */
+/*     $OpenBSD: bridgectl.c,v 1.24 2021/02/24 06:44:54 dlg Exp $      */
  
  /*
   * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net)
@@ -667,7 +667,7 @@ bridge_arpfilter(struct brl_node *n, struct ether_header *eh, struct mbuf *m)
  
         if (ntohs(eh->ether_type) != ETHERTYPE_ARP)
                 return (0);
-       if (m->m_pkthdr.len <= ETHER_HDR_LEN + sizeof(ea))
+       if (m->m_pkthdr.len < ETHER_HDR_LEN + sizeof(ea))
                 return (0);     /* log error? */
         m_copydata(m, ETHER_HDR_LEN, sizeof(ea), (caddr_t)&ea);
author	dlg <dlg@openbsd.org>
	Wed, 24 Feb 2021 06:44:54 +0000 (06:44 +0000)
committer	dlg <dlg@openbsd.org>
	Wed, 24 Feb 2021 06:44:54 +0000 (06:44 +0000)