src/sys/netinet/ip_input.c - diff

Return to ip_input.c CVS log

Up to [cvs.NetBSD.org] / src / sys / netinet

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

version 1.256.2.1, 2007/12/26 19:57:39

version 1.257, 2007/12/20 19:53:32

Line 896 ours:

* but it's not worth the time; just let them time out.)

if (ip->ip_off & ~htons(IP_DF|IP_RF)) {

uint16_t off;

* Prevent TCP blind data attacks by not allowing non-initial

* fragments to start at less than 68 bytes (minimal fragment

* size) and making sure the first fragment is at least 68

* bytes.

off = (ntohs(ip->ip_off) & IP_OFFMASK) << 3;

if ((off > 0 ? off + hlen : len) < IP_MINFRAGSIZE - 1) {

ipstat.ips_badfrags++;

goto bad;

}

* Look for queue of fragments

* of this datagram.

Line 918 ours:

Line 907 ours:

if (ip->ip_id == fp->ipq_id &&

in_hosteq(ip->ip_src, fp->ipq_src) &&

in_hosteq(ip->ip_dst, fp->ipq_dst) &&

ip->ip_p == fp->ipq_p) {

ip->ip_p == fp->ipq_p)

* Make sure the TOS is matches previous

* fragments.

if (ip->ip_tos != fp->ipq_tos) {

ipstat.ips_badfrags++;

goto bad;

}

goto found;

}

fp = 0;

found:

Line 1124 ip_reass(struct ipqent *ipqe, struct ipq

Line 1105 ip_reass(struct ipqent *ipqe, struct ipq

fp->ipq_ttl = IPFRAGTTL;

fp->ipq_p = ipqe->ipqe_ip->ip_p;

fp->ipq_id = ipqe->ipqe_ip->ip_id;

fp->ipq_tos = ipqe->ipqe_ip->ip_tos;

TAILQ_INIT(&fp->ipq_fragq);

fp->ipq_src = ipqe->ipqe_ip->ip_src;

fp->ipq_dst = ipqe->ipqe_ip->ip_dst;