PERFORCE change 138687 for review

Wed Mar 26 23:59:17 UTC 2008

http://perforce.freebsd.org/chv.cgi?CH=138687

Change 138687 by piso at piso_newluxor on 2008/03/26 23:59:16

	Pullup the data before using it.

Affected files ...

.. //depot/projects/soc2005/libalias/sys/netinet/ip_fw_nat.c#3 edit

Differences ...

==== //depot/projects/soc2005/libalias/sys/netinet/ip_fw_nat.c#3 (text+ko) ====

@@ -245,18 +245,16 @@
 static int
 ipfw_nat(struct ip_fw_args *args, struct cfg_nat *t, struct mbuf *m)
 {
-	struct mbuf *mcl;
 	struct ip *ip;
 	/* XXX - libalias duct tape */
 	int ldt, retval;
-	char *c;
 
 	ldt = 0;
 	retval = 0;
-	if ((mcl = m_pullup(m, sizeof(struct ip))) ==
+	if ((m = m_pullup(m, sizeof(struct ip))) ==
 	    NULL)
 		goto badnat;
-	ip = mtod(mcl, struct ip *);
+	ip = mtod(m, struct ip *);
 	if (args->eh == NULL) {
 		ip->ip_len = htons(ip->ip_len);
 		ip->ip_off = htons(ip->ip_off);
@@ -310,27 +308,34 @@
 	 * it can handle delayed checksum and tso)
 	 */
 
-	if (mcl->m_pkthdr.rcvif == NULL && 
-	    mcl->m_pkthdr.csum_flags & 
+	if (m->m_pkthdr.rcvif == NULL && 
+	    m->m_pkthdr.csum_flags & 
 	    CSUM_DELAY_DATA)
 		ldt = 1;
 
-	c = mtod(mcl, char *);
 	if (args->oif == NULL)
-		retval = LibAliasIn(t->lib, &mcl, 
-				    MCLBYTES);
+		retval = LibAliasIn(t->lib, &m,
+		    MCLBYTES);
 	else
-		retval = LibAliasOut(t->lib, &mcl, 
-				     MCLBYTES);
+		retval = LibAliasOut(t->lib, &m,
+		    MCLBYTES);
 	if (retval != PKT_ALIAS_OK) {
+		printf("retval: ");
 		/* XXX - should i add some logging? */
-		m_free(mcl);
+		m_free(m);
 	badnat:
+		printf("badnat ");
+		if (args->oif == NULL)
+			printf("LibAliasIn");
+		else
+			printf("LibAliasOut");
+		printf("\n");
 		args->m = NULL;
 		return (IP_FW_DENY);
 	}
-	mcl->m_pkthdr.len = mcl->m_len = 
-	    ntohs(ip->ip_len);
+	m = m_pullup(m, sizeof(struct ip));
+	ip = mtod(m, struct ip *);
+	m->m_pkthdr.len = ntohs(ip->ip_len);
 
 	/* 
 	 * XXX - libalias checksum offload 
@@ -341,6 +346,10 @@
 	    ip->ip_p == IPPROTO_TCP) {
 		struct tcphdr 	*th; 
 
+		if ((m = m_pullup(m, (ip->ip_hl << 2) +
+			sizeof(struct tcphdr))) == NULL)
+			goto badnat;
+		ip = mtod(m, struct ip *);
 		th = (struct tcphdr *)(ip + 1);
 		if (th->th_x2) 
 			ldt = 1;
@@ -360,6 +369,9 @@
 					
 		switch (ip->ip_p) {
 		case IPPROTO_TCP:
+			if ((m = m_pullup(m, (ip->ip_hl << 2) + sizeof(struct tcphdr))) == NULL)
+				goto badnat;
+			ip = mtod(m, struct ip *);
 			th = (struct tcphdr *)(ip + 1);
 			/* 
 			 * Maybe it was set in 
@@ -367,13 +379,16 @@
 			 */
 			th->th_x2 = 0;
 			th->th_sum = cksum;
-			mcl->m_pkthdr.csum_data = 
+			m->m_pkthdr.csum_data = 
 			    offsetof(struct tcphdr, th_sum);
 			break;
 		case IPPROTO_UDP:
+			    if ((m = m_pullup(m, (ip->ip_hl << 2) + sizeof(struct udphdr))) == NULL)
+				goto badnat;
+			ip = mtod(m, struct ip *);
 			uh = (struct udphdr *)(ip + 1);
 			uh->uh_sum = cksum;
-			mcl->m_pkthdr.csum_data = 
+			m->m_pkthdr.csum_data = 
 			    offsetof(struct udphdr, uh_sum);
 			break;						
 		}
@@ -381,10 +396,10 @@
 		 * No hw checksum offloading: do it 
 		 * by ourself. 
 		 */
-		if ((mcl->m_pkthdr.csum_flags & 
+		if ((m->m_pkthdr.csum_flags & 
 		     CSUM_DELAY_DATA) == 0) {
-			in_delayed_cksum(mcl);
-			mcl->m_pkthdr.csum_flags &= 
+			in_delayed_cksum(m);
+			m->m_pkthdr.csum_flags &= 
 			    ~CSUM_DELAY_DATA;
 		}
 		ip->ip_len = htons(ip->ip_len);
@@ -395,7 +410,7 @@
 		ip->ip_off = ntohs(ip->ip_off);
 	}
 
-	args->m = mcl;
+	args->m = m;
 	return (IP_FW_NAT);
 }
 
