svn commit: r328350 - head/sys/netipsec

[Andrey V. Elsukov]

Author: ae
Date: Wed Jan 24 19:06:44 2018
New Revision: 328350
URL: https://svnweb.freebsd.org/changeset/base/328350

Log:
  Merge revision 1.35 from NetBSD:
    fix pointer/offset mistakes in handling of IPv4 options
  
  Reported by:	Maxime Villard <maxv at NetBSD.org>
  MFC after:	1 week

Modified:
  head/sys/netipsec/xform_ah.c

Modified: head/sys/netipsec/xform_ah.c
==============================================================================
--- head/sys/netipsec/xform_ah.c	Wed Jan 24 18:10:11 2018	(r328349)
+++ head/sys/netipsec/xform_ah.c	Wed Jan 24 19:06:44 2018	(r328350)
@@ -293,7 +293,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int sk
 		else
 			ip->ip_off = htons(0);
 
-		ptr = mtod(m, unsigned char *) + sizeof(struct ip);
+		ptr = mtod(m, unsigned char *);
 
 		/* IPv4 option processing */
 		for (off = sizeof(struct ip); off < skip;) {
@@ -374,7 +374,7 @@ ah_massage_headers(struct mbuf **m0, int proto, int sk
 
 				/* Zeroize all other options. */
 				count = ptr[off + 1];
-				bcopy(ipseczeroes, ptr, count);
+				bcopy(ipseczeroes, ptr + off, count);
 				off += count;
 				break;
 			}