]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f7a6418) | patch
libsystemd-network: check size of icmpv6 packets
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Tue, 14 May 2024 16:43:29 +0000 (18:43 +0200)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Tue, 14 May 2024 16:56:35 +0000 (18:56 +0200)
commitcaa4bfd4688f0997d724acd8be759f17b7ae3291
tree8e4122ee575229c8b64596d866e8a2bac9c3213ftree | snapshot
parentf7a6418d47d141f4543aa01253f64f60ffdd2e17commit | diff
libsystemd-network: check size of icmpv6 packets

Coverity was complaining that we use the received packet size as a loop bound
without checking. This is indeed a bit iffy, because depending on how the host
is configured, the packet could be rather large. Let's refuse anything more
than the standard size early to prevent suspicious activity.

Resolves coverity CID#1534892, CID#1543949.
src/libsystemd-network/icmp6-packet.c diff | blob | blame | history
src/libsystemd-network/icmp6-packet.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.