From: David van Moolenbroek
Subject: [lwip-devel] [patch #9217] IPv6 patches: reassembly, length check improvements
Date: Mon, 9 Jan 2017 21:53:36 +0000 (UTC)
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

URL:
  <http://savannah.nongnu.org/patch/?9217>

                 Summary: IPv6 patches: reassembly, length check improvements
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: dcvmoole
            Submitted on: Mon 09 Jan 2017 09:53:35 PM GMT
                Category: IPv6
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None

    _______________________________________________________

Details:

My attempt to receive a 65535-byte IPv6 packet ended up triggering the new
overflow check from patch #9209, and my attempt to fix the underlying cause
brought up even more issues..

0001-IPv6-fragment-reassembly-fixes: This patch 1) changes the IPv6
fragmentation code to support reassembly of packets with "unfragmentable"
extension headers [*]; 2) stops private data structures (garbage) from being
included in ICMPv6 reassembly-timed-out messages; and, 3) implements
reassembly correctly even for very large packets. I feel obliged to add that
this patch is somewhat under-tested as I have no effective way of testing some
of it, but I contend that it is enough of a structural improvement that it is
worth merging either way. Also, it does resolve my original problem.. :) If
necessary I can work on splitting it into multiple patches. All feedback
welcome etc

0002-ip6-improve-length-checks-for-extension-headers: This patch fixes a few
"potential read beyond buffer end" cases.

[*] as far as I can tell, this was supported originally (as per RFC
requirements) but was lost as part of the IPV6_FRAG_COPYHEADER work, which
structurally assumes that the header before the fragment header is the ipv6
header itself.



    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Mon 09 Jan 2017 09:53:35 PM GMT  Name:
0001-IPv6-fragment-reassembly-fixes.patch  Size: 18kB   By: dcvmoole

<http://savannah.nongnu.org/patch/download.php?file_id=39416>
-------------------------------------------------------
Date: Mon 09 Jan 2017 09:53:35 PM GMT  Name:
0002-ip6-improve-length-checks-for-extension-headers.patch  Size: 5kB   By:
dcvmoole

<http://savannah.nongnu.org/patch/download.php?file_id=39417>

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/patch/?9217>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/



