| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87h7pvvtk9.fsf@cloudflare.com>
Date: Thu, 12 Nov 2020 10:00:06 +0100
From: Jakub Sitnicki <jakub@...udflare.com>
To: Daniel Borkmann <daniel@...earbox.net>,
Santucci Pierpaolo <santucci@...genesys.com>
Cc: Andrii Nakryiko <andrii.nakryiko@...il.com>,
Shuah Khan <shuah@...nel.org>,
Alexei Starovoitov <ast@...nel.org>, Martin Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
Andrii Nakryiko <andrii@...nel.org>,
john fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...omium.org>,
Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
sdf@...gle.com
Subject: Re: [PATCH] selftest/bpf: fix IPV6FR handling in flow dissector
On Thu, Nov 12, 2020 at 12:06 AM CET, Daniel Borkmann wrote:
[...]
>>> I'm not initimately familiar with this test, but looking at the change
>>> I'd consider that Destinations Options and encapsulation headers can
>>> follow the Fragment Header.
>>>
>>> With enough of Dst Opts or levels of encapsulation, transport header
>>> could be pushed to the 2nd fragment. So I'm not sure if the assertion
>>> from the IPv4 dissector that 2nd fragment and following doesn't contain
>>> any parseable header holds.
>
> Hm, staring at rfc8200, it says that the first fragment packet must include
> the upper-layer header (e.g. tcp, udp). The patch here should probably add a
> comment wrt to the rfc.
You're right, it clearly says so. Nevermind my worries about malformed
packets then. Change LGTM:
Reviewed-by: Jakub Sitnicki <jakub@...udflare.com>
Powered by blists - more mailing lists