d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7f0983ee33
numam-dpdk/lib/librte_ip_frag
History
Konstantin Ananyev 7f0983ee33 ip_frag: check fragment length of incoming packet 
Under some conditions ill-formed fragments might cause
reassembly code to corrupt mbufs and/or crash.
Let say the following fragments sequence:
<ofs=0,len=100, flags=MF>
<ofs=96,len=100, flags=MF>
<ofs=200,len=0,flags=MF>
<ofs=200,len=100,flags=0>
can trigger the problem.
To overcome such situation, added check that fragment length
of incoming value is greater than zero.

Fixes: 601e279df0 ("ip_frag: move fragmentation/reassembly headers into a library")
Fixes: 4f1a8f6338 ("ip_frag: add IPv6 reassembly")
Cc: stable@dpdk.org

Reported-by: Ryan E Hall <ryan.e.hall@intel.com>
Reported-by: Alexander V Gutkin <alexander.v.gutkin@intel.com>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2018-11-06 01:58:03 +01:00
..
ip_frag_common.h ip_frag: fix overflow in key comparison 2018-10-28 11:16:49 +01:00
ip_frag_internal.c ip_frag: add function to delete expired entries 2018-09-19 19:45:38 +02:00
Makefile lib: use SPDX tag for Intel copyright files 2018-01-04 22:41:39 +01:00
meson.build build: replace license text with SPDX tag 2018-01-30 21:58:59 +01:00
rte_ip_frag_common.c ip_frag: add function to delete expired entries 2018-09-19 19:45:38 +02:00
rte_ip_frag_version.map ip_frag: add function to delete expired entries 2018-09-19 19:45:38 +02:00
rte_ip_frag.h ip_frag: add function to delete expired entries 2018-09-19 19:45:38 +02:00
rte_ipv4_fragmentation.c lib: use SPDX tag for Intel copyright files 2018-01-04 22:41:39 +01:00
rte_ipv4_reassembly.c ip_frag: check fragment length of incoming packet 2018-11-06 01:58:03 +01:00
rte_ipv6_fragmentation.c lib: use SPDX tag for Intel copyright files 2018-01-04 22:41:39 +01:00
rte_ipv6_reassembly.c ip_frag: check fragment length of incoming packet 2018-11-06 01:58:03 +01:00