Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 2008912) | patch
ip: extension header parsing fails for fragment header 76/34576/9
authorOle Troan <ot@cisco.com>
Tue, 23 Nov 2021 14:55:39 +0000 (15:55 +0100)
committerDamjan Marion <dmarion@me.com>
Fri, 3 Dec 2021 09:35:30 +0000 (09:35 +0000)
commit03092c1982468ff6ffe260b0215f910d4c486b04
tree0d58999070b677d38e2aa2f5da4341383beedbb3tree | snapshot
parent2008912b56abbf3167faf9b787df76605684d9e1commit | diff
ip: extension header parsing fails for fragment header

Refactor and improve boundary checking on IPv6 extension header handling.
Limit parsing of IPv6 extension headers to a maximum of 4 headers and a
depth of 256 bytes.

Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556
Signed-off-by: Ole Troan <ot@cisco.com>
src/vnet/ip/ip6_format.c diff | blob | history
src/vnet/ip/ip6_forward.c diff | blob | history
src/vnet/ip/ip6_inlines.h diff | blob | history
src/vnet/ip/ip6_packet.h diff | blob | history
src/vnet/ip/ip6_to_ip4.h diff | blob | history
src/vnet/ip/reass/ip6_full_reass.c diff | blob | history
src/vnet/ip/reass/ip6_sv_reass.c diff | blob | history
src/vnet/ipsec/esp_encrypt.c diff | blob | history
test/test_reassembly.py diff | blob | history
Vector Packet Processing