On Mon, Nov 5, 2018 at 4:40 PM Michael van Elst <[email protected]> wrote: > > [email protected] (Ryota Ozaki) writes: > > >diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c > >index ee4fc6fdfb3..a4a74c8009e 100644 > >--- a/sys/netinet6/udp6_usrreq.c > >+++ b/sys/netinet6/udp6_usrreq.c > >@@ -668,10 +668,18 @@ udp6_output(struct in6pcb * const in6p, struct mbuf *m, > > > if (addr6) { > > sin6 = addr6; > >+ if (sin6->sin6_len != sizeof(*sin6)) { > >+ error = EINVAL; > >+ goto release; > >+ } > > if (sin6->sin6_family != AF_INET6) { > > error = EAFNOSUPPORT; > > goto release; > > } > >+ if (sin6->sin6_port == 0) { > >+ error = EADDRNOTAVAIL; > >+ goto release; > >+ } > > The port validation is already done a few lines below,
Thanks, that's right. > but the comment when using the port is a bit strange: > > fport = sin6->sin6_port; /* allow 0 port */ > > Apparently that comment (and the port check) already > existed when the initial version was imported. Well... I think the comment is just a leftover to be removed :-/ ozaki-r
