Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

===================================================================
RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -p -r1.80 -r1.81
--- src/sys/netinet/ip_input.c	1999/01/19 23:39:57	1.80
+++ src/sys/netinet/ip_input.c	1999/03/26 08:51:36	1.81
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip_input.c,v 1.80 1999/01/19 23:39:57 mycroft Exp $	*/
+/*	$NetBSD: ip_input.c,v 1.81 1999/03/26 08:51:36 proff Exp $	*/
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -353,6 +353,15 @@ next:
 	len = ip->ip_len;
 
 	/*
+	 * Check for additional length bogosity
+	 */
+	if (len < hlen)
+	{
+	 	ipstat.ips_badlen++;
+		goto bad;
+	}
+
+	/*
 	 * Check that the amount of data in the buffers
 	 * is as at least much as the IP header would have us expect.
 	 * Trim mbufs if longer than we expect.