diff options
author | Dave Barach <dave@barachs.net> | 2019-09-04 12:09:32 -0400 |
---|---|---|
committer | Dave Barach <openvpp@barachs.net> | 2019-09-07 01:26:58 +0000 |
commit | c4abafd83df38051765352785b146277734701f4 (patch) | |
tree | 12633dc1337661d1c4d408df2d1bca67e1d940bc /src/vnet | |
parent | b736e75d5bb2d132fb00c35b6aabaa52e5f624ad (diff) |
ip: fix udp/tcp checksum corner cases
When checksumming chained buffers with odd lengths: insert a
NULL byte, or the calculation fails.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I380f7c42897bdb28c8c29aa1c4cdaaa849cc9ecc
Diffstat (limited to 'src/vnet')
-rw-r--r-- | src/vnet/ip/ip4_forward.c | 18 | ||||
-rw-r--r-- | src/vnet/ip/ip6_forward.c | 18 |
2 files changed, 31 insertions, 5 deletions
diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c index caf02d118cb..ecb35955798 100644 --- a/src/vnet/ip/ip4_forward.c +++ b/src/vnet/ip/ip4_forward.c @@ -1303,7 +1303,8 @@ ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, u32 ip_header_length, payload_length_host_byte_order; u32 n_this_buffer, n_bytes_left, n_ip_bytes_this_buffer; u16 sum16; - void *data_this_buffer; + u8 *data_this_buffer; + u8 length_odd; /* Initialize checksum with ip header. */ ip_header_length = ip4_header_bytes (ip0); @@ -1327,7 +1328,7 @@ ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, ip_csum_with_carry (sum0, clib_mem_unaligned (&ip0->src_address, u64)); n_bytes_left = n_this_buffer = payload_length_host_byte_order; - data_this_buffer = (void *) ip0 + ip_header_length; + data_this_buffer = (u8 *) ip0 + ip_header_length; n_ip_bytes_this_buffer = p0->current_length - (((u8 *) ip0 - p0->data) - p0->current_data); if (n_this_buffer + ip_header_length > n_ip_bytes_this_buffer) @@ -1335,6 +1336,7 @@ ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, n_this_buffer = n_ip_bytes_this_buffer > ip_header_length ? n_ip_bytes_this_buffer - ip_header_length : 0; } + while (1) { sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer); @@ -1346,13 +1348,23 @@ ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, if (!(p0->flags & VLIB_BUFFER_NEXT_PRESENT)) return 0xfefe; + length_odd = (n_this_buffer & 1); + p0 = vlib_get_buffer (vm, p0->next_buffer); data_this_buffer = vlib_buffer_get_current (p0); n_this_buffer = clib_min (p0->current_length, n_bytes_left); + + if (PREDICT_FALSE (length_odd)) + { + /* Prepend a 0 or the resulting checksum will be incorrect. */ + data_this_buffer--; + n_this_buffer++; + n_bytes_left++; + data_this_buffer[0] = 0; + } } sum16 = ~ip_csum_fold (sum0); - return sum16; } diff --git a/src/vnet/ip/ip6_forward.c b/src/vnet/ip/ip6_forward.c index 252bdf975be..067db77c412 100644 --- a/src/vnet/ip/ip6_forward.c +++ b/src/vnet/ip/ip6_forward.c @@ -1017,7 +1017,8 @@ ip6_tcp_udp_icmp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, u16 sum16, payload_length_host_byte_order; u32 i, n_this_buffer, n_bytes_left; u32 headers_size = sizeof (ip0[0]); - void *data_this_buffer; + u8 *data_this_buffer; + u8 length_odd; ASSERT (bogus_lengthp); *bogus_lengthp = 0; @@ -1025,7 +1026,7 @@ ip6_tcp_udp_icmp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, /* Initialize checksum with ip header. */ sum0 = ip0->payload_length + clib_host_to_net_u16 (ip0->protocol); payload_length_host_byte_order = clib_net_to_host_u16 (ip0->payload_length); - data_this_buffer = (void *) (ip0 + 1); + data_this_buffer = (u8 *) (ip0 + 1); for (i = 0; i < ARRAY_LEN (ip0->src_address.as_uword); i++) { @@ -1078,14 +1079,27 @@ ip6_tcp_udp_icmp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, if (n_bytes_left == 0) break; + ASSERT (p0->flags & VLIB_BUFFER_NEXT_PRESENT); if (!(p0->flags & VLIB_BUFFER_NEXT_PRESENT)) { *bogus_lengthp = 1; return 0xfefe; } + + length_odd = (n_this_buffer & 1); + p0 = vlib_get_buffer (vm, p0->next_buffer); data_this_buffer = vlib_buffer_get_current (p0); n_this_buffer = clib_min (p0->current_length, n_bytes_left); + + if (PREDICT_FALSE (length_odd)) + { + /* Prepend a 0 or the resulting checksum will be incorrect. */ + data_this_buffer--; + n_this_buffer++; + n_bytes_left++; + data_this_buffer[0] = 0; + } } sum16 = ~ip_csum_fold (sum0); |