Received: by mail.netbsd.org (Postfix, from userid 605)
	id D036D84E05; Thu, 7 Jun 2018 16:05:10 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id BCDB784DB2
	for ; Thu, 7 Jun 2018 16:05:09 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([IPv6:::1])
	by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025)
	with ESMTP id 7CDjxtLOGHwU
	for ; Thu, 7 Jun 2018 16:05:09 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 4FE5584CCF
	for ; Thu, 7 Jun 2018 16:05:09 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id 43E40FBEC; Thu, 7 Jun 2018 16:05:09 +0000 (UTC)
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"
MIME-Version: 1.0
Date: Thu, 7 Jun 2018 16:05:09 +0000
From: "Martin Husemann"
Subject: CVS commit: [netbsd-8] src/sys/netinet
To: source-changes@NetBSD.org
X-Mailer: log_accum
Message-Id: <20180607160509.43E40FBEC@cvs.NetBSD.org>
Sender: source-changes-owner@NetBSD.org
List-Id: source-changes.NetBSD.org
Precedence: bulk
Reply-To: source-changes-d@NetBSD.org
Mail-Reply-To: "Martin Husemann"
Mail-Followup-To: source-changes-d@NetBSD.org
List-Unsubscribe:

Module Name:	src
Committed By:	martin
Date:		Thu Jun 7 16:05:09 UTC 2018

Modified Files:
	src/sys/netinet [netbsd-8]: udp_usrreq.c

Log Message:
Pull up following revision(s) (requested by maxv in ticket #837):

	sys/netinet/udp_usrreq.c: revision 1.237

Fix three pretty bad mistakes in NAT-T:

 * If we got a keepalive packet, we need to call m_freem, not m_free.
   Here the next mbufs in the chain are not freed. Seems easy to remotely
   DoS the system by sending fragmented keepalives in a loop.

 * If !ipsec_used, free the mbuf.

 * In udp_input, we need to update 'uh', because udp4_realinput may have
   modified the chain. Perhaps we also need to re-enforce alignment, so
   add an XXX.

To generate a diff of this commit:
cvs rdiff -u -r1.233.4.2 -r1.233.4.3 src/sys/netinet/udp_usrreq.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
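
The first mistake in the log message, modelled in user space as an added example; this is not NetBSD kernel code and not part of the commit. The `toy_*` names and the live-mbuf counter are hypothetical stand-ins that mirror only the chain semantics of m_free (one mbuf) and m_freem (whole chain).

```c
#include <stdio.h>
#include <stdlib.h>
/* Toy stand-in for a kernel mbuf: only the chain link matters here. */
struct toy_mbuf { struct toy_mbuf *m_next; };
static int live_mbufs;  /* mbufs currently allocated */

/* Build a chain of n mbufs, as a packet held in n buffers would be. */
static struct toy_mbuf *toy_chain(int n) {
    struct toy_mbuf *head = NULL;
    while (n-- > 0) {
        struct toy_mbuf *m = malloc(sizeof(*m));
        if (m == NULL) abort();
        m->m_next = head;
        head = m;
        live_mbufs++;
    }
    return head;
}

/* Modelled on m_free: release one mbuf, return its successor. */
static struct toy_mbuf *toy_m_free(struct toy_mbuf *m) {
    struct toy_mbuf *n = m->m_next;
    free(m);
    live_mbufs--;
    return n;
}

/* Modelled on m_freem: release every mbuf in the chain. */
static void toy_m_freem(struct toy_mbuf *m) {
    while (m != NULL) m = toy_m_free(m);
}

/* Discard `packets` keepalives of `nbufs` mbufs each; return mbufs leaked. */
static int leaked_after_keepalives(int packets, int nbufs, int use_freem) {
    live_mbufs = 0;
    for (int i = 0; i < packets; i++) {
        struct toy_mbuf *m = toy_chain(nbufs);
        if (use_freem)
            toy_m_freem(m);       /* after the fix: whole chain released */
        else if (m != NULL)
            (void)toy_m_free(m);  /* before: m_next onward is orphaned */
    }
    return live_mbufs;
}

int main(void) {
    printf("m_free:  %d mbufs leaked\n", leaked_after_keepalives(1000, 3, 0));
    printf("m_freem: %d mbufs leaked\n", leaked_after_keepalives(1000, 3, 1));
    return 0;
}
```

A packet that fits in a single mbuf leaks nothing on either path, which is why the bug only shows up when the keepalive arrives as a multi-mbuf chain.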