[PATCH 1/6] net: improve check for no IP options
Rasmus Villemoes
rasmus.villemoes at prevas.dk
Fri Oct 14 19:43:37 CEST 2022
There's no reason we should accept an IP packet with a malformed IHL
field. So ensure that it is exactly 5, not just <= 5.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes at prevas.dk>
---
net/net.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/net.c b/net/net.c
index 81905f6315..536731245b 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1209,7 +1209,7 @@ void net_process_received_packet(uchar *in_packet, int len)
if ((ip->ip_hl_v & 0xf0) != 0x40)
return;
/* Can't deal with IP options (headers != 20 bytes) */
- if ((ip->ip_hl_v & 0x0f) > 0x05)
+ if ((ip->ip_hl_v & 0x0f) != 0x05)
return;
/* Check the Checksum of the header */
if (!ip_checksum_ok((uchar *)ip, IP_HDR_SIZE)) {
--
2.37.2
More information about the U-Boot
mailing list