From 3a1711055071fa898ff4b65331048b558619f016 Mon Sep 17 00:00:00 2001 From: dlg Date: Wed, 24 Feb 2021 06:44:54 +0000 Subject: [PATCH] fix the length check on arp packets when handling arp filter rules. another bridge feature i'm not convinced people actually use. ok jmatthew@ claudio@ --- sys/net/bridgectl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/net/bridgectl.c b/sys/net/bridgectl.c index b3fe4b623cc..5114da231ba 100644 --- a/sys/net/bridgectl.c +++ b/sys/net/bridgectl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bridgectl.c,v 1.23 2021/01/28 20:06:38 mvs Exp $ */ +/* $OpenBSD: bridgectl.c,v 1.24 2021/02/24 06:44:54 dlg Exp $ */ /* * Copyright (c) 1999, 2000 Jason L. Wright (jason@thought.net) @@ -667,7 +667,7 @@ bridge_arpfilter(struct brl_node *n, struct ether_header *eh, struct mbuf *m) if (ntohs(eh->ether_type) != ETHERTYPE_ARP) return (0); - if (m->m_pkthdr.len <= ETHER_HDR_LEN + sizeof(ea)) + if (m->m_pkthdr.len < ETHER_HDR_LEN + sizeof(ea)) return (0); /* log error? */ m_copydata(m, ETHER_HDR_LEN, sizeof(ea), (caddr_t)&ea); -- 2.20.1