[dpdk-dev] [PATCH v3 1/4] ip_frag: ensure minimum v4 fragmentation length
Ananyev, Konstantin
konstantin.ananyev at intel.com
Tue Apr 7 13:10:03 CEST 2020
>
> The IPv4 specification says that each fragment must at least the size of
> an IP header plus 8 octets. When attempting to run ipfrag using a
> smaller size, the fragment library will return successful completion,
> even though it is a violation of RFC791 (and updates).
>
> Signed-off-by: Aaron Conole <aconole at redhat.com>
> ---
> lib/librte_ip_frag/rte_ipv4_fragmentation.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/lib/librte_ip_frag/rte_ipv4_fragmentation.c b/lib/librte_ip_frag/rte_ipv4_fragmentation.c
> index 9e9f986cc5..4baaf6355c 100644
> --- a/lib/librte_ip_frag/rte_ipv4_fragmentation.c
> +++ b/lib/librte_ip_frag/rte_ipv4_fragmentation.c
> @@ -76,6 +76,12 @@ rte_ipv4_fragment_packet(struct rte_mbuf *pkt_in,
> uint16_t fragment_offset, flag_offset, frag_size;
> uint16_t frag_bytes_remaining;
>
> + /*
> + * Ensure the IP fragmentation size is at least iphdr length + 8 octets
> + */
> + if (unlikely(mtu_size < (sizeof(struct rte_ipv4_hdr) + 8*sizeof(char))))
> + return -EINVAL;
> +
Same comment as for ipv6: ipv4 min MTU is 68B.
Why do we need extra checking here?
> /*
> * Ensure the IP payload length of all fragments is aligned to a
> * multiple of 8 bytes as per RFC791 section 2.3.
> --
> 2.25.1
More information about the dev
mailing list