upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-11 09:41:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

ipv6: account for jumbo payload option

Browse source 
If a jumbo payload option is added, the length of the mbuf chain is
increased by 8 but the actual hop-by-hop extension header with the
jumbo playload option is only inserted in the packet if there are
other options. Therefore, adjust optlen to reflect the actual size
of IPv6 extension headers including the hop-by-hop extension header
containing the jumbo payload option.

Reported by:		syzbot+73fe316271df473230eb@syzkaller.appspotmail.com
Reviewed by:		markj, Timo Voelker
Differential Revision:	https://reviews.freebsd.org/D54394

(cherry picked from commit 1f5b1de1fdf2924066c1851ed6c73f36fe20b438)
This commit is contained in:
Michael Tuexen 2026-01-16 12:49:40 +01:00 committed by Franco Fichtner
parent 6e530e85be
commit e55e4cbdfb
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
sys/netinet6/ip6_output.c
View file

@ -585,6 +585,7 @@ no_ipsec:;
if ((error = ip6_insert_jumboopt(&exthdrs, plen)) != 0)
goto freehdrs;
ip6->ip6_plen = 0;
optlen += 8; /* JUMBOOPTLEN */
} else
ip6->ip6_plen = htons(plen);
nexthdrp = &ip6->ip6_nxt;