diff options
| author | Ting-Yu Wang <anivia@google.com> | 2021-01-15 15:03:30 -0800 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-01-15 15:10:27 -0800 |
| commit | ec9e263f213c59e93f9c8b8123012b3db2dddc9a (patch) | |
| tree | 87f0fca5791ece2a138fe822b4067569425f6bd2 /pkg/tcpip/network/ipv6/ipv6.go | |
| parent | 55c7fe48d223ee5678dff7f5bf9a9e5f0482ab37 (diff) | |
Correctly return EMSGSIZE when packet is too big in raw socket.
IPv4 previously accepts the packet, while IPv6 panics. Neither is the behavior
in Linux.
splice() in Linux has different behavior than in gVisor. This change documents
it in the SpliceTooLong test.
Reported-by: syzbot+b550e78e5c24d1d521f2@syzkaller.appspotmail.com
PiperOrigin-RevId: 352091286
Diffstat (limited to 'pkg/tcpip/network/ipv6/ipv6.go')
| -rw-r--r-- | pkg/tcpip/network/ipv6/ipv6.go | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/pkg/tcpip/network/ipv6/ipv6.go b/pkg/tcpip/network/ipv6/ipv6.go index 2f82c3d5f..ae4a8f508 100644 --- a/pkg/tcpip/network/ipv6/ipv6.go +++ b/pkg/tcpip/network/ipv6/ipv6.go @@ -553,11 +553,11 @@ func (e *endpoint) MaxHeaderLength() uint16 { return e.nic.MaxHeaderLength() + header.IPv6MinimumSize } -func (e *endpoint) addIPHeader(srcAddr, dstAddr tcpip.Address, pkt *stack.PacketBuffer, params stack.NetworkHeaderParams, extensionHeaders header.IPv6ExtHdrSerializer) { +func (e *endpoint) addIPHeader(srcAddr, dstAddr tcpip.Address, pkt *stack.PacketBuffer, params stack.NetworkHeaderParams, extensionHeaders header.IPv6ExtHdrSerializer) *tcpip.Error { extHdrsLen := extensionHeaders.Length() length := pkt.Size() + extensionHeaders.Length() if length > math.MaxUint16 { - panic(fmt.Sprintf("IPv6 payload too large: %d, must be <= %d", length, math.MaxUint16)) + return tcpip.ErrMessageTooLong } ip := header.IPv6(pkt.NetworkHeader().Push(header.IPv6MinimumSize + extHdrsLen)) ip.Encode(&header.IPv6Fields{ @@ -570,6 +570,7 @@ func (e *endpoint) addIPHeader(srcAddr, dstAddr tcpip.Address, pkt *stack.Packet ExtensionHeaders: extensionHeaders, }) pkt.NetworkProtocolNumber = ProtocolNumber + return nil } func packetMustBeFragmented(pkt *stack.PacketBuffer, networkMTU uint32, gso *stack.GSO) bool { @@ -622,7 +623,9 @@ func (e *endpoint) handleFragments(r *stack.Route, gso *stack.GSO, networkMTU ui // WritePacket writes a packet to the given destination address and protocol. func (e *endpoint) WritePacket(r *stack.Route, gso *stack.GSO, params stack.NetworkHeaderParams, pkt *stack.PacketBuffer) *tcpip.Error { - e.addIPHeader(r.LocalAddress, r.RemoteAddress, pkt, params, nil /* extensionHeaders */) + if err := e.addIPHeader(r.LocalAddress, r.RemoteAddress, pkt, params, nil /* extensionHeaders */); err != nil { + return err + } // iptables filtering. All packets that reach here are locally // generated. @@ -711,7 +714,9 @@ func (e *endpoint) WritePackets(r *stack.Route, gso *stack.GSO, pkts stack.Packe linkMTU := e.nic.MTU() for pb := pkts.Front(); pb != nil; pb = pb.Next() { - e.addIPHeader(r.LocalAddress, r.RemoteAddress, pb, params, nil /* extensionHeaders */) + if err := e.addIPHeader(r.LocalAddress, r.RemoteAddress, pb, params, nil /* extensionHeaders */); err != nil { + return 0, err + } networkMTU, err := calculateNetworkMTU(linkMTU, uint32(pb.NetworkHeader().View().Size())) if err != nil { |