projects / platform / kernel / u-boot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e9d3fc7)
net: improve check for no IP options
authorRasmus Villemoes <rasmus.villemoes@prevas.dk>
Fri, 14 Oct 2022 17:43:37 +0000 (19:43 +0200)
committerTom Rini <trini@konsulko.com>
Mon, 28 Nov 2022 15:25:18 +0000 (10:25 -0500)
There's no reason we should accept an IP packet with a malformed IHL
field. So ensure that it is exactly 5, not just <= 5.

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Reviewed-by: Ramon Fried <rfried.dev@gmail.com>
net/net.c patch | blob | history

diff --git a/net/net.c b/net/net.c
index b27b021..be4374f 100644 (file)
--- a/net/net.c
+++ b/net/net.c
@@ -1226,7 +1226,7 @@ void net_process_received_packet(uchar *in_packet, int len)
                if ((ip->ip_hl_v & 0xf0) != 0x40)
                        return;
                /* Can't deal with IP options (headers != 20 bytes) */
-               if ((ip->ip_hl_v & 0x0f) > 0x05)
+               if ((ip->ip_hl_v & 0x0f) != 0x05)
                        return;
                /* Check the Checksum of the header */
                if (!ip_checksum_ok((uchar *)ip, IP_HDR_SIZE)) {
Domain: System / Kernel;