chiark
/
gitweb
/
~ian
/
secnet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
slip: Drop packets >mtu (SECURITY)
[secnet.git]
/
slip.c
diff --git
a/slip.c
b/slip.c
index 9e63cb3cd6f3714c37524ca10f1e66f70c6cf9a1..aed2551de70d2d695ec1ef99e04081923227dabf 100644
(file)
--- a/
slip.c
+++ b/
slip.c
@@
-213,6
+213,14
@@
static void userv_deliver_to_kernel(void *sst, struct buffer_if *buf)
{
struct userv *st=sst;
{
struct userv *st=sst;
+ if (buf->size > st->slip.nl.mtu) {
+ Message(M_ERR,"%s: packet of size %"PRIu32" exceeds mtu %"PRIu32":"
+ " cannot be injected into kernel, dropped\n",
+ st->slip.nl.name, buf->size, st->slip.nl.mtu);
+ BUF_FREE(buf);
+ return;
+ }
+
slip_stuff(&st->slip,buf,st->txfd);
}
slip_stuff(&st->slip,buf,st->txfd);
}