Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v
rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present.
retrieving revision 1.79
retrieving revision 1.86
diff -u -p -r1.79 -r1.86
--- src/sys/netinet/ip_input.c	1999/01/19 23:03:21	1.79
+++ src/sys/netinet/ip_input.c	1999/05/03 22:12:44	1.86
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.79 1999/01/19 23:03:21 mycroft Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.86 1999/05/03 22:12:44 thorpej Exp $	*/
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -340,6 +340,15 @@ next:
 		}
 		ip = mtod(m, struct ip *);
 	}
+	/*
+	 * we drop packets that have a multicast address as source
+	 * as wanted by rfc 1112
+	 */
+	if (IN_MULTICAST(ip->ip_src.s_addr)) {
+		ipstat.ips_odropped++;
+		goto bad;
+	}
+
 	if (in_cksum(m, hlen) != 0) {
 		ipstat.ips_badsum++;
 		goto bad;
@@ -349,11 +358,18 @@ next:
 	 * Convert fields to host representation.
 	 */
 	NTOHS(ip->ip_len);
-	NTOHS(ip->ip_id);
 	NTOHS(ip->ip_off);
 	len = ip->ip_len;
 
 	/*
+	 * Check for additional length bogosity
+	 */
+	if (len < hlen) {
+	 	ipstat.ips_badlen++;
+		goto bad;
+	}
+
+	/*
 	 * Check that the amount of data in the buffers
 	 * is as at least much as the IP header would have us expect.
 	 * Trim mbufs if longer than we expect.
@@ -412,7 +428,8 @@ next:
 	 * Check our list of addresses, to see if the packet is for us.
 	 */
 	INADDR_TO_IA(ip->ip_dst, ia);
-	if (ia != NULL) goto ours;
+	if (ia != NULL)
+		goto ours;
 	if (m->m_pkthdr.rcvif->if_flags & IFF_BROADCAST) {
 		for (ifa = m->m_pkthdr.rcvif->if_addrlist.tqh_first;
 		    ifa != NULL; ifa = ifa->ifa_list.tqe_next) {
@@ -461,13 +478,11 @@ next:
 			 * as expected when ip_mforward() is called from
 			 * ip_output().)
 			 */
-			ip->ip_id = htons(ip->ip_id);
 			if (ip_mforward(m, m->m_pkthdr.rcvif) != 0) {
 				ipstat.ips_cantforward++;
 				m_freem(m);
 				goto next;
 			}
-			ip->ip_id = ntohs(ip->ip_id);
 
 			/*
 			 * The process-level routing demon needs to receive
@@ -582,6 +597,9 @@ found:
 	/*
 	 * Switch out to protocol's input routine.
 	 */
+#if IFA_STATS
+	ia->ia_ifa.ifa_data.ifad_inbytes += ip->ip_len;
+#endif
 	ipstat.ips_delivered++;
 	(*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen);
 	goto next;