In most cases, IP fragments do not have an Ethernet padding. So

author bluhm <bluhm@openbsd.org>

Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)

committer bluhm <bluhm@openbsd.org>

Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)
author bluhm <bluhm@openbsd.org>
Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)
committer bluhm <bluhm@openbsd.org>
Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)
diff --git a/sys/net/pf_norm.c b/sys/net/pf_norm.c

index 6793171..3ca4464 100644 (file)
--- a/sys/net/pf_norm.c
+++ b/sys/net/pf_norm.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: pf_norm.c,v 1.176 2015/04/17 16:42:50 bluhm Exp $ */
+/*     $OpenBSD: pf_norm.c,v 1.177 2015/04/29 18:05:56 bluhm Exp $ */
  
  /*
   * Copyright 2001 Niels Provos <provos@citi.umich.edu>
@@ -469,7 +469,8 @@ pf_join_fragment(struct pf_fragment *frag)
  
         m = frent->fe_m;
         /* Strip off any trailing bytes */
-       m_adj(m, (frent->fe_hdrlen + frent->fe_len) - m->m_pkthdr.len);
+       if ((frent->fe_hdrlen + frent->fe_len) < m->m_pkthdr.len)
+               m_adj(m, (frent->fe_hdrlen + frent->fe_len) - m->m_pkthdr.len);
         /* Magic from ip_input */
         m2 = m->m_next;
         m->m_next = NULL;
@@ -483,7 +484,8 @@ pf_join_fragment(struct pf_fragment *frag)
                 /* Strip off ip header */
                 m_adj(m2, frent->fe_hdrlen);
                 /* Strip off any trailing bytes */
-               m_adj(m2, frent->fe_len - m2->m_pkthdr.len);
+               if (frent->fe_len < m2->m_pkthdr.len);
+                       m_adj(m2, frent->fe_len - m2->m_pkthdr.len);
                 pool_put(&pf_frent_pl, frent);
                 pf_nfrents--;
                 m_cat(m, m2);
author	bluhm <bluhm@openbsd.org>
	Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)
committer	bluhm <bluhm@openbsd.org>
	Wed, 29 Apr 2015 18:05:56 +0000 (18:05 +0000)