mirrors/passt
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

tap: Make sure we don't receive frames bigger than ETH_MAX_MTU from qemu

Browse source 
And while at it, remove some attributes that are not needed anymore
after introducing command line options.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
Stefano Brivio 2021-09-01 16:38:49 +02:00
parent 353185cd36
commit 75a7239e5b
1 changed files with 4 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
tap.c
View file

@ -322,8 +322,7 @@ static int tap4_handler(struct ctx *c, struct tap_msg *msg, size_t count,
static int tap6_handler(struct ctx *c, struct tap_msg *msg, size_t count, static int tap6_handler(struct ctx *c, struct tap_msg *msg, size_t count,
struct timespec *now, int first) struct timespec *now, int first)
{ {
char buf_s[INET6_ADDRSTRLEN] __attribute((__unused__)); char buf_s[INET6_ADDRSTRLEN], buf_d[INET6_ADDRSTRLEN];
char buf_d[INET6_ADDRSTRLEN] __attribute((__unused__));
struct ethhdr *eh = (struct ethhdr *)msg[0].start; struct ethhdr *eh = (struct ethhdr *)msg[0].start;
struct udphdr *uh, *prev_uh = NULL; struct udphdr *uh, *prev_uh = NULL;
uint8_t proto = 0, prev_proto = 0; uint8_t proto = 0, prev_proto = 0;
@ -462,12 +461,12 @@ static int tap_handler_passt(struct ctx *c, struct timespec *now)
while (n > (ssize_t)sizeof(uint32_t)) { while (n > (ssize_t)sizeof(uint32_t)) {
ssize_t len = ntohl(*(uint32_t *)p); ssize_t len = ntohl(*(uint32_t *)p);
if (len < (ssize_t)sizeof(*eh) || len > ETH_MAX_MTU)
return 0;
p += sizeof(uint32_t); p += sizeof(uint32_t);
n -= sizeof(uint32_t); n -= sizeof(uint32_t);
if (len < (ssize_t)sizeof(*eh))
return 0;
/* At most one packet might not fit in a single read */ /* At most one packet might not fit in a single read */
if (len > n) { if (len > n) {
rem = recv(c->fd_tap, p + n, len - n, MSG_DONTWAIT); rem = recv(c->fd_tap, p + n, len - n, MSG_DONTWAIT);