Author: bz
Date: Fri Dec  6 16:42:58 2019
New Revision: 355450
URL: https://svnweb.freebsd.org/changeset/base/355450

Log:
  ip6_input: remove redundant v4mapped check
  
  In ip6_input() we apply the same v4mapped address check twice. The only
  case which skips the first one is M_FASTFWD_OURS which should have passed
  the check on the first input pass and passed the firewall.
  Remove the 2nd redundant check.
  
  Reviewed by:  kp, melifaro
  MFC after:    2 weeks
  Sponsored by: Netflix (originally)
  Differential Revision:        https://reviews.freebsd.org/D22462

Modified:
  head/sys/netinet6/ip6_input.c

Modified: head/sys/netinet6/ip6_input.c
==============================================================================
--- head/sys/netinet6/ip6_input.c       Fri Dec  6 16:35:48 2019        
(r355449)
+++ head/sys/netinet6/ip6_input.c       Fri Dec  6 16:42:58 2019        
(r355450)
@@ -897,24 +897,6 @@ passin:
                return;
        }
 
-       ip6 = mtod(m, struct ip6_hdr *);
-
-       /*
-        * Malicious party may be able to use IPv4 mapped addr to confuse
-        * tcp/udp stack and bypass security checks (act as if it was from
-        * 127.0.0.1 by using IPv6 src ::ffff:127.0.0.1).  Be cautious.
-        *
-        * For SIIT end node behavior, you may want to disable the check.
-        * However, you will  become vulnerable to attacks using IPv4 mapped
-        * source.
-        */
-       if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
-           IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
-               IP6STAT_INC(ip6s_badscope);
-               in6_ifstat_inc(rcvif, ifs6_in_addrerr);
-               goto bad;
-       }
-
        /*
         * Tell launch routine the next header
         */
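Review bot: The deletion after the passin: label leaves the M_FASTFWD_OURS path relying on an invariant that is stated only in the commit log ("should have passed the check on the first input pass"); nothing in the code records or enforces it. Consider a short comment at this spot saying that packets reaching it were already rejected for v4-mapped source or destination on the first pass, or a KASSERT on !IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) and the same for ip6_dst, so that a later change which lets a packet arrive here unchecked fails loudly instead of silently reopening the ::ffff:127.0.0.1 source case the deleted comment describes. The hunk also removes the `ip6 = mtod(m, struct ip6_hdr *);` reload along with the check, so it is worth confirming that nothing below this point reads ip6 expecting it to have been refreshed here. If the rationale and the SIIT caveat from the deleted comment are not already present at the remaining check, move them there rather than dropping them.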
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"