diff options
| author | Ting-Yu Wang <anivia@google.com> | 2021-01-15 15:03:30 -0800 |
|---|---|---|
| committer | gVisor bot <gvisor-bot@google.com> | 2021-01-15 15:10:27 -0800 |
| commit | ec9e263f213c59e93f9c8b8123012b3db2dddc9a (patch) | |
| tree | 87f0fca5791ece2a138fe822b4067569425f6bd2 /pkg/tcpip/network/ipv6/ndp.go | |
| parent | 55c7fe48d223ee5678dff7f5bf9a9e5f0482ab37 (diff) | |
Correctly return EMSGSIZE when packet is too big in raw socket.
IPv4 previously accepts the packet, while IPv6 panics. Neither is the behavior
in Linux.
splice() in Linux has different behavior than in gVisor. This change documents
it in the SpliceTooLong test.
Reported-by: syzbot+b550e78e5c24d1d521f2@syzkaller.appspotmail.com
PiperOrigin-RevId: 352091286
Diffstat (limited to 'pkg/tcpip/network/ipv6/ndp.go')
| -rw-r--r-- | pkg/tcpip/network/ipv6/ndp.go | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/pkg/tcpip/network/ipv6/ndp.go b/pkg/tcpip/network/ipv6/ndp.go index d515eb622..1d8fee50b 100644 --- a/pkg/tcpip/network/ipv6/ndp.go +++ b/pkg/tcpip/network/ipv6/ndp.go @@ -732,10 +732,12 @@ func (ndp *ndpState) sendDADPacket(addr tcpip.Address, addressEndpoint stack.Add }) sent := ndp.ep.protocol.stack.Stats().ICMP.V6.PacketsSent - ndp.ep.addIPHeader(header.IPv6Any, snmc, pkt, stack.NetworkHeaderParams{ + if err := ndp.ep.addIPHeader(header.IPv6Any, snmc, pkt, stack.NetworkHeaderParams{ Protocol: header.ICMPv6ProtocolNumber, TTL: header.NDPHopLimit, - }, nil /* extensionHeaders */) + }, nil /* extensionHeaders */); err != nil { + panic(fmt.Sprintf("failed to add IP header: %s", err)) + } if err := ndp.ep.nic.WritePacketToRemote(header.EthernetAddressFromMulticastIPv6Address(snmc), nil /* gso */, ProtocolNumber, pkt); err != nil { sent.Dropped.Increment() @@ -1854,11 +1856,12 @@ func (ndp *ndpState) startSolicitingRouters() { }) sent := ndp.ep.protocol.stack.Stats().ICMP.V6.PacketsSent - ndp.ep.addIPHeader(localAddr, header.IPv6AllRoutersMulticastAddress, pkt, stack.NetworkHeaderParams{ + if err := ndp.ep.addIPHeader(localAddr, header.IPv6AllRoutersMulticastAddress, pkt, stack.NetworkHeaderParams{ Protocol: header.ICMPv6ProtocolNumber, TTL: header.NDPHopLimit, - }, nil /* extensionHeaders */) - + }, nil /* extensionHeaders */); err != nil { + panic(fmt.Sprintf("failed to add IP header: %s", err)) + } if err := ndp.ep.nic.WritePacketToRemote(header.EthernetAddressFromMulticastIPv6Address(header.IPv6AllRoutersMulticastAddress), nil /* gso */, ProtocolNumber, pkt); err != nil { sent.Dropped.Increment() log.Printf("startSolicitingRouters: error writing NDP router solicit message on NIC(%d); err = %s", ndp.ep.nic.ID(), err) |