01/07/2026 18:20, Stephen Hemminger: > The IP reassembly library tracks only a running byte total and reserved > slots for the first and last fragments, with no coverage map. As a result > it mishandles duplicate, overlapping, oversized, and misheadered > fragments, and the IPv4 key is missing a field RFC 791 requires. There > was also no functional test to catch any of it. > > These came out of reviewing a duplicate-fragment report on the list. > > Patches 1 and 2 are interdependent: the overlap discard relies on the > duplicate handling so an exact duplicate is dropped on its own rather > than discarding the whole datagram. The rest are independent. > > Patch 6 adds a functional test modeled on the Linux selftest ip_defrag.c. > It passes on this series; with any single fix reverted the matching case > fails. > > v3 - drop stable from one patch and reword release note > > Stephen Hemminger (8): > ip_frag: tolerate duplicate fragments > ip_frag: discard datagrams with overlapping fragments > ip_frag: include protocol in IPv4 reassembly key > ip_frag: drop IPv6 fragments with per-fragment headers > ip_frag: reject oversized reassembled datagrams > app/test: add test for IP reassembly > ip_frag: remove use of rte_memcpy > doc: add release note about ip_frag changes
doc squashed in relevant commits atomically, applied, thanks.

