nalika / rpms / grub2

Forked from rpms/grub2 2 years ago
Clone
23d2ea
From d11b2eb425d2125f67dd8d8e9b11d9be7d6f3f11 Mon Sep 17 00:00:00 2001
606ea6
From: Paulo Flabiano Smorigo <pfsmorigo@br.ibm.com>
606ea6
Date: Wed, 5 Feb 2014 09:42:42 -0200
27a4da
Subject: [PATCH 133/260] trim arp packets with abnormal size
606ea6
606ea6
GRUB uses arp request to create the arp response. If the incoming packet
606ea6
is foobared, GRUB needs to trim the arp response packet before sending it.
606ea6
---
606ea6
 grub-core/net/arp.c | 6 ++++++
606ea6
 1 file changed, 6 insertions(+)
606ea6
606ea6
diff --git a/grub-core/net/arp.c b/grub-core/net/arp.c
27a4da
index d62d0cc1e..77581f4b2 100644
606ea6
--- a/grub-core/net/arp.c
606ea6
+++ b/grub-core/net/arp.c
606ea6
@@ -162,6 +162,12 @@ grub_net_arp_receive (struct grub_net_buff *nb,
606ea6
     if (grub_net_addr_cmp (&inf->address, &target_addr) == 0
606ea6
 	&& grub_be_to_cpu16 (arp_header->op) == ARP_REQUEST)
606ea6
       {
606ea6
+        if ((nb->tail - nb->data) > 50)
606ea6
+          {
606ea6
+            grub_dprintf ("net", "arp packet with abnormal size (%ld bytes).\n",
606ea6
+                         nb->tail - nb->data);
606ea6
+            nb->tail = nb->data + 50;
606ea6
+          }
606ea6
 	grub_net_link_level_address_t target;
606ea6
 	/* We've already checked that pln is either 4 or 16.  */
606ea6
 	char tmp[16];
606ea6
-- 
27a4da
2.13.0
39700a