The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=27cb3328173e4de80fad90c3b794b3eb0320d69a
commit 27cb3328173e4de80fad90c3b794b3eb0320d69a Author: Kristof Provost <[email protected]> AuthorDate: 2025-02-14 15:23:53 +0000 Commit: Kristof Provost <[email protected]> CommitDate: 2025-02-21 09:16:52 +0000 pf: micro-optimise padding check In most cases, IP fragments do not have an Ethernet padding. So add a condition to save a useless call to m_adj() and have a paranoid length check in the other cases. OK henning@ Obtained from: OpenBSD, bluhm <[email protected]>, fcf0d61153 Obtained from: OpenBSD, chris <[email protected]>, ebe64b684c Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf_norm.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/pf/pf_norm.c b/sys/netpfil/pf/pf_norm.c index ac74434cf2b7..98539be8c6ce 100644 --- a/sys/netpfil/pf/pf_norm.c +++ b/sys/netpfil/pf/pf_norm.c @@ -706,7 +706,8 @@ pf_join_fragment(struct pf_fragment *frag) TAILQ_REMOVE(&frag->fr_queue, frent, fr_next); m = frent->fe_m; - m_adj(m, (frent->fe_hdrlen + frent->fe_len) - m->m_pkthdr.len); + if ((frent->fe_hdrlen + frent->fe_len) < m->m_pkthdr.len) + m_adj(m, (frent->fe_hdrlen + frent->fe_len) - m->m_pkthdr.len); uma_zfree(V_pf_frent_z, frent); while ((frent = TAILQ_FIRST(&frag->fr_queue)) != NULL) { TAILQ_REMOVE(&frag->fr_queue, frent, fr_next); @@ -715,7 +716,8 @@ pf_join_fragment(struct pf_fragment *frag) /* Strip off ip header. */ m_adj(m2, frent->fe_hdrlen); /* Strip off any trailing bytes. */ - m_adj(m2, frent->fe_len - m2->m_pkthdr.len); + if (frent->fe_len < m2->m_pkthdr.len) + m_adj(m2, frent->fe_len - m2->m_pkthdr.len); uma_zfree(V_pf_frent_z, frent); m_cat(m, m2);
