ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

ip-packet: Fix "packet too short" error when parsing fragmented IPv4 packets 

Only attempt to parse the transport header of an IPv4 packet if it's
not fragmented or the first fragment.
This commit is contained in:
Tobias Brunner 2017-09-01 08:57:56 +02:00
parent 42aa569617
commit b3cc46381d
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/libipsec/ip_packet.c
View File

@ -55,6 +55,10 @@ struct ip6_hdr {
#define HAVE_NETINET_IP6_H /* not really, but we only need the struct above */
#endif
#ifndef IP_OFFMASK
#define IP_OFFMASK 0x1fff
#endif
/**
* TCP header, defined here because platforms disagree regarding member names
* and unfortunately Android does not define a variant with BSD names.
@ -253,7 +257,8 @@ ip_packet_t *ip_packet_create(chunk_t packet)
/* remove any RFC 4303 TFC extra padding */
packet.len = min(packet.len, untoh16(&ip->ip_len));
payload = chunk_skip(packet, ip->ip_hl * 4);
if (!parse_transport_header(payload, ip->ip_p, &sport, &dport))
if ((ip->ip_off & htons(IP_OFFMASK)) == 0 &&
!parse_transport_header(payload, ip->ip_p, &sport, &dport))
{
goto failed;
}