From: lteo Date: Sun, 10 Aug 2014 03:26:20 +0000 (+0000) Subject: Fix the length check for reinjected ICMP packets: sizeof(struct icmp) is X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=74c8ac698c9829f14fb658bb2ff2fe17503505fe;p=openbsd Fix the length check for reinjected ICMP packets: sizeof(struct icmp) is 28 but an ICMP packet can be as small as 8 bytes (e.g. an ICMP echo request packet with no payload), so check against ICMP_MINLEN instead. Prior to this fix, divert(4) would erroneously discard valid ICMP packets that are shorter than 20 bytes. ICMPv6 is not affected, so this change applies to ICMP over IPv4 only. ok florian@ henning@ --- diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index 3547df8c519..7055f63ef77 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_divert.c,v 1.28 2014/08/10 03:24:51 lteo Exp $ */ +/* $OpenBSD: ip_divert.c,v 1.29 2014/08/10 03:26:20 lteo Exp $ */ /* * Copyright (c) 2009 Michele Marchetto @@ -126,7 +126,7 @@ divert_output(struct inpcb *inp, struct mbuf *m, struct mbuf *nam, m->m_pkthdr.csum_flags |= M_UDP_CSUM_OUT; break; case IPPROTO_ICMP: - min_hdrlen = sizeof(struct icmp); + min_hdrlen = ICMP_MINLEN; m->m_pkthdr.csum_flags |= M_ICMP_CSUM_OUT; break; default: