[v2,2/4] ip_frag: ensure minimum v6 fragmentation length
diff mbox series

Message ID 20200401131849.2209336-3-aconole@redhat.com
State Superseded, archived
Delegated to: Thomas Monjalon
Headers show
Series
  • ip_frag: add a unit test for fragmentation
Related show

Checks

Context Check Description
ci/Intel-compilation fail Compilation issues
ci/checkpatch success coding style OK

Commit Message

Aaron Conole April 1, 2020, 1:18 p.m. UTC
Similar to v4, we should ensure that at least a minimum fragmentation
length can be achieved.

Signed-off-by: Aaron Conole <aconole@redhat.com>
---
 lib/librte_ip_frag/rte_ipv6_fragmentation.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

Patch
diff mbox series

diff --git a/lib/librte_ip_frag/rte_ipv6_fragmentation.c b/lib/librte_ip_frag/rte_ipv6_fragmentation.c
index 43449970e5..820a5dc725 100644
--- a/lib/librte_ip_frag/rte_ipv6_fragmentation.c
+++ b/lib/librte_ip_frag/rte_ipv6_fragmentation.c
@@ -79,6 +79,17 @@  rte_ipv6_fragment_packet(struct rte_mbuf *pkt_in,
 	uint16_t fragment_offset, frag_size;
 	uint64_t frag_bytes_remaining;
 
+	/*
+	 * The rules on ipv6 fragmentation means we need at least to be
+	 * greater than the smallest fragment possible - ipv6hdr + frag header
+	 * + min octets.  We rely on the ipv6_extension_fragment header to
+	 * include 'data' octets.
+	 */
+	if (unlikely(mtu_size <
+		     (sizeof(struct rte_ipv6_hdr) +
+		      sizeof(struct ipv6_extension_fragment))))
+		return -EINVAL;
+
 	/*
 	 * Ensure the IP payload length of all fragments (except the
 	 * the last fragment) are a multiple of 8 bytes per RFC2460.