From 15dee933de7d0e9060da90a821257f731c8f0414 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Tue, 14 Oct 2014 14:05:48 +0200 Subject: [PATCH] ip-packet: Fix removal of TFC padding for IPv6 The IPv6 length field denotes the payload length after the 40 bytes header. Fixes: 293515f95cf5 ("libipsec: remove extra RFC4303 TFC padding appended to inner payload") --- src/libipsec/ip_packet.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libipsec/ip_packet.c b/src/libipsec/ip_packet.c index 8065262927..0998efa9d2 100644 --- a/src/libipsec/ip_packet.c +++ b/src/libipsec/ip_packet.c @@ -247,7 +247,7 @@ ip_packet_t *ip_packet_create(chunk_t packet) } ip = (struct ip6_hdr*)packet.ptr; /* remove any RFC 4303 TFC extra padding */ - packet.len = min(packet.len, untoh16(&ip->ip6_plen)); + packet.len = min(packet.len, 40 + untoh16(&ip->ip6_plen)); /* we only handle packets without extension headers, just skip the * basic IPv6 header */ payload = chunk_skip(packet, 40); -- 2.47.2