[Bug 276363] if_wg: Fix a code bug in calculate_padding() although impossible to hit

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 276363] if_wg: Fix a code bug in calculate_padding() although impossible to hit"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 276363] if_wg: Fix bug in calculate_padding() for the 'p_mtu = 0' case"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 276363] if_wg: Fix bug in calculate_padding() for the 'p_mtu = 0' case"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 16 Jan 2024 05:24:32 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=276363

            Bug ID: 276363
           Summary: if_wg: Fix a code bug in calculate_padding() although
                    impossible to hit
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: aly@aaronly.me

The padding length calculation in calculate_padding() is wrong for the special
case of 'p_mtu = 0'.  It's calculating the padded length instead of the length
to pad.  So it should be:

if (__predict_false(!pkt->p_mtu))
        return ((last_unit + (WG_PKT_PADDING - 1)) & ~(WG_PKT_PADDING - 1)) -
last_unit;

However, it's impossible for 'p_mtu' to be zero.  So I'd propose the following
fix:

@@ -1461,8 +1461,7 @@ calculate_padding(struct wg_packet *pkt)
 {
        unsigned int padded_size, last_unit = pkt->p_mbuf->m_pkthdr.len;

-       if (__predict_false(!pkt->p_mtu))
-               return (last_unit + (WG_PKT_PADDING - 1)) & ~(WG_PKT_PADDING -
1);
+       KASSERT(pkt->p_mtu != 0, ("%s: packet %p has p_mtu = 0", __func__, m));

        if (__predict_false(last_unit > pkt->p_mtu))
                last_unit %= pkt->p_mtu;

-- 
You are receiving this mail because:
You are the assignee for the bug.