The IPv4 specification says that each fragment must at least the size of
an IP header plus 8 octets. When attempting to run ipfrag using a
smaller size, the fragment library will return successful completion,
even though it is a violation of RFC791 (and updates).
Signed-off-by: Aaron Conole <acon...@redhat.com>
---
lib/librte_ip_frag/rte_ipv4_fragmentation.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lib/librte_ip_frag/rte_ipv4_fragmentation.c
b/lib/librte_ip_frag/rte_ipv4_fragmentation.c
index 9e9f986cc5..4baaf6355c 100644
--- a/lib/librte_ip_frag/rte_ipv4_fragmentation.c
+++ b/lib/librte_ip_frag/rte_ipv4_fragmentation.c
@@ -76,6 +76,12 @@ rte_ipv4_fragment_packet(struct rte_mbuf *pkt_in,
uint16_t fragment_offset, flag_offset, frag_size;
uint16_t frag_bytes_remaining;
+ /*
+ * Ensure the IP fragmentation size is at least iphdr length + 8 octets
+ */
+ if (unlikely(mtu_size < (sizeof(struct rte_ipv4_hdr) + 8*sizeof(char))))
+ return -EINVAL;
+
/*
* Ensure the IP payload length of all fragments is aligned to a
* multiple of 8 bytes as per RFC791 section 2.3.
--
2.25.1
