diff options
| author | Toshi Kikuchi <toshik@google.com> | 2020-09-12 23:19:34 -0700 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2020-09-12 23:21:27 -0700 |
| commit | b6ca96b9b9e71ba57653cf9d3ef0767771949378 (patch) | |
| tree | 1be79e4ee11876cfb1742b6514ab7dc70fc93c29 /pkg/tcpip/header | |
| parent | 3ca73841d7ec1218cab21f7be2433f739be5d367 (diff) | |
Cap reassembled IPv6 packets at 65535 octets
IPv4 can accept 65536-octet reassembled packets.
Test:
- ipv4_test.TestInvalidFragments
- ipv4_test.TestReceiveFragments
- ipv6.TestInvalidIPv6Fragments
- ipv6.TestReceiveIPv6Fragments
Fixes #3770
PiperOrigin-RevId: 331382977
Diffstat (limited to 'pkg/tcpip/header')
| -rw-r--r-- | pkg/tcpip/header/ipv4.go | 10 | ||||
| -rw-r--r-- | pkg/tcpip/header/ipv6.go | 4 | ||||
| -rw-r--r-- | pkg/tcpip/header/udp.go | 5 |
3 files changed, 19 insertions, 0 deletions
diff --git a/pkg/tcpip/header/ipv4.go b/pkg/tcpip/header/ipv4.go index 680eafd16..e8816c3f4 100644 --- a/pkg/tcpip/header/ipv4.go +++ b/pkg/tcpip/header/ipv4.go @@ -88,6 +88,16 @@ const ( // units, the header cannot exceed 15*4 = 60 bytes. IPv4MaximumHeaderSize = 60 + // IPv4MaximumPayloadSize is the maximum size of a valid IPv4 payload. + // + // Linux limits this to 65,515 octets (the max IP datagram size - the IPv4 + // header size). But RFC 791 section 3.2 discusses the design of the IPv4 + // fragment "allows 2**13 = 8192 fragments of 8 octets each for a total of + // 65,536 octets. Note that this is consistent with the the datagram total + // length field (of course, the header is counted in the total length and not + // in the fragments)." + IPv4MaximumPayloadSize = 65536 + // MinIPFragmentPayloadSize is the minimum number of payload bytes that // the first fragment must carry when an IPv4 packet is fragmented. MinIPFragmentPayloadSize = 8 diff --git a/pkg/tcpip/header/ipv6.go b/pkg/tcpip/header/ipv6.go index ea3823898..0761a1807 100644 --- a/pkg/tcpip/header/ipv6.go +++ b/pkg/tcpip/header/ipv6.go @@ -74,6 +74,10 @@ const ( // IPv6AddressSize is the size, in bytes, of an IPv6 address. IPv6AddressSize = 16 + // IPv6MaximumPayloadSize is the maximum size of a valid IPv6 payload per + // RFC 8200 Section 4.5. + IPv6MaximumPayloadSize = 65535 + // IPv6ProtocolNumber is IPv6's network protocol number. IPv6ProtocolNumber tcpip.NetworkProtocolNumber = 0x86dd diff --git a/pkg/tcpip/header/udp.go b/pkg/tcpip/header/udp.go index 9339d637f..98bdd29db 100644 --- a/pkg/tcpip/header/udp.go +++ b/pkg/tcpip/header/udp.go @@ -16,6 +16,7 @@ package header import ( "encoding/binary" + "math" "gvisor.dev/gvisor/pkg/tcpip" ) @@ -55,6 +56,10 @@ const ( // UDPMinimumSize is the minimum size of a valid UDP packet. UDPMinimumSize = 8 + // UDPMaximumSize is the maximum size of a valid UDP packet. The length field + // in the UDP header is 16 bits as per RFC 768. + UDPMaximumSize = math.MaxUint16 + // UDPProtocolNumber is UDP's transport protocol number. UDPProtocolNumber tcpip.TransportProtocolNumber = 17 ) |