Module Name: src
Committed By: maxv
Date: Fri Jan 19 13:17:29 UTC 2018
Modified Files:
src/sys/netinet: ip_icmp.c
Log Message:
Fix a buffer overflow in icmp_error. We create in 'm' a packet that must
contain:
IPv4 header | Fixed part of ICMP header | Variable part of ICMP header
But we perform length checks on 'totlen', which does not count the IPv4
header.
So now, add sizeof(struct ip) in totlen, and stop doing this m_data
nonsense, just get the pointers as usual.
To generate a diff of this commit:
cvs rdiff -u -r1.162 -r1.163 src/sys/netinet/ip_icmp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
