From 2268ca475bd99075c11f45d435125a26fd24e337 Mon Sep 17 00:00:00 2001 From: Sam Leffler Date: Sun, 5 Jan 2003 22:37:36 +0000 Subject: [PATCH] correct pkthdr length calculation for ipv6 echo packets; after moving a packet header with M_MOVE_PKTHDR one should not reference the packet header in the original packet; in this case the code was assuming that m_adj would alter m_pkthdr.len which stopped happening because M_MOVE_PKTHDR removes the M_PKTHDR bit from m_flags Submitted by: Bill Fenner --- sys/netinet6/icmp6.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c index a0bc16544f6..b2781a4c19e 100644 --- a/sys/netinet6/icmp6.c +++ b/sys/netinet6/icmp6.c @@ -551,6 +551,7 @@ icmp6_input(mp, offp, proto) || n->m_len < off + sizeof(struct icmp6_hdr)) { struct mbuf *n0 = n; const int maxlen = sizeof(*nip6) + sizeof(*nicmp6); + int n0len; /* * Prepare an internal mbuf. m_pullup() doesn't @@ -574,6 +575,7 @@ icmp6_input(mp, offp, proto) m_freem(n0); break; } + n0len = n0->m_pkthdr.len; /* save for use below */ M_MOVE_PKTHDR(n, n0); /* * Copy IPv6 and ICMPv6 only. @@ -583,14 +585,15 @@ icmp6_input(mp, offp, proto) nicmp6 = (struct icmp6_hdr *)(nip6 + 1); bcopy(icmp6, nicmp6, sizeof(struct icmp6_hdr)); noff = sizeof(struct ip6_hdr); - n->m_pkthdr.len = n->m_len = - noff + sizeof(struct icmp6_hdr); + /* new mbuf contains only ipv6+icmpv6 headers */ + n->m_len = noff + sizeof(struct icmp6_hdr); /* * Adjust mbuf. ip6_plen will be adjusted in * ip6_output(). */ m_adj(n0, off + sizeof(struct icmp6_hdr)); - n->m_pkthdr.len += n0->m_pkthdr.len; + /* recalculate complete packet size */ + n->m_pkthdr.len = n0len + (noff - off); n->m_next = n0; } else { nip6 = mtod(n, struct ip6_hdr *); -- 2.45.2