[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] grub-core/net/arp.c: trim arp packets with abnormal size.
From: |
Vladimir 'φ-coder/phcoder' Serbinenko |
Subject: |
Re: [PATCH] grub-core/net/arp.c: trim arp packets with abnormal size. |
Date: |
Fri, 31 Jan 2014 19:08:54 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.2.0 |
On 31.01.2014 16:35, Paulo Flabiano Smorigo wrote:
> * grub-core/net/arp.c (grub_net_arp_receive): Trim arp packets with abnormal
> size.
>
> GRUB uses arp request to create the arp response. If the incoming packet is
> foobared, GRUB needs to trim the arp response packet before sending it.
>
> This is just a fix in time for 2.02. I'm planning to rewrite the arp response
> code
> after the release.
>
> diff --git a/ChangeLog b/ChangeLog
> index cfa9c83..10e9c3d 100644
> --- a/ChangeLog
> +++ b/ChangeLog
> @@ -1,3 +1,11 @@
> +2014-01-31 Paulo Flabiano Smorigo <address@hidden>
> +
> + * grub-core/net/arp.c (grub_net_arp_receive): Trim arp packets with
> + abnormal size.
> +
> + GRUB uses arp request to create the arp response. If the incoming
> packet is
> + foobared, GRUB needs to trim the arp response packet before sending it.
> +
> 2014-01-29 Vladimir Serbinenko <address@hidden>
>
> * grub-core/disk/ahci.c: Increase timeout. Some SSDs take up to
> diff --git a/grub-core/net/arp.c b/grub-core/net/arp.c
> index d62d0cc..77581f4 100644
> --- a/grub-core/net/arp.c
> +++ b/grub-core/net/arp.c
> @@ -162,6 +162,12 @@ grub_net_arp_receive (struct grub_net_buff *nb,
> if (grub_net_addr_cmp (&inf->address, &target_addr) == 0
> && grub_be_to_cpu16 (arp_header->op) == ARP_REQUEST)
> {
> + if ((nb->tail - nb->data) > 50)
> + {
> + grub_dprintf ("net", "arp packet with abnormal size (%ld
> bytes).\n",
> + nb->tail - nb->data);
> + nb->tail = nb->data + 50;
> + }
This is not right solution, I already commented on it. Instead you need
to recompute arp length from its fields.
> grub_net_link_level_address_t target;
> /* We've already checked that pln is either 4 or 16. */
> char tmp[16];
>
signature.asc
Description: OpenPGP digital signature