From 74c8ac698c9829f14fb658bb2ff2fe17503505fe Mon Sep 17 00:00:00 2001 From: lteo Date: Sun, 10 Aug 2014 03:26:20 +0000 Subject: [PATCH] Fix the length check for reinjected ICMP packets: sizeof(struct icmp) is 28 but an ICMP packet can be as small as 8 bytes (e.g. an ICMP echo request packet with no payload), so check against ICMP_MINLEN instead. Prior to this fix, divert(4) would erroneously discard valid ICMP packets that are shorter than 20 bytes. ICMPv6 is not affected, so this change applies to ICMP over IPv4 only. ok florian@ henning@ --- sys/netinet/ip_divert.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index 3547df8c519..7055f63ef77 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_divert.c,v 1.28 2014/08/10 03:24:51 lteo Exp $ */ +/* $OpenBSD: ip_divert.c,v 1.29 2014/08/10 03:26:20 lteo Exp $ */ /* * Copyright (c) 2009 Michele Marchetto @@ -126,7 +126,7 @@ divert_output(struct inpcb *inp, struct mbuf *m, struct mbuf *nam, m->m_pkthdr.csum_flags |= M_UDP_CSUM_OUT; break; case IPPROTO_ICMP: - min_hdrlen = sizeof(struct icmp); + min_hdrlen = ICMP_MINLEN; m->m_pkthdr.csum_flags |= M_ICMP_CSUM_OUT; break; default: -- 2.20.1