From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <newlib-cvs-return-3932-listarch-newlib-cvs=sources.redhat.com@sourceware.org>
Received: (qmail 87930 invoked by alias); 24 Aug 2018 13:11:52 -0000
Mailing-List: contact newlib-cvs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <newlib-cvs.sourceware.org>
List-Subscribe: <mailto:newlib-cvs-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/newlib-cvs/>
List-Post: <mailto:newlib-cvs@sourceware.org>
List-Help: <mailto:newlib-cvs-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: newlib-cvs-owner@sourceware.org
Received: (qmail 86577 invoked by uid 10080); 24 Aug 2018 13:11:51 -0000
Date: Fri, 24 Aug 2018 13:11:00 -0000
Message-ID: <20180824131151.86570.qmail@sourceware.org>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Sebastian Huber <sh@sourceware.org>
To: newlib-cvs@sourceware.org
Subject: [newlib-cygwin] Add a limit of the number of fragments per IPv6
 packet.
X-Act-Checkin: newlib-cygwin
X-Git-Author: jtl <jtl@FreeBSD.org>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 215e33310b623f58fc5ddd5c678e99f449a13419
X-Git-Newrev: 0e5c59050d22b22ef6a1f37163040505cb6161f0
X-SW-Source: 2018-q3/txt/msg00088.txt.bz2

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=0e5c59050d22b22ef6a1f37163040505cb6161f0

commit 0e5c59050d22b22ef6a1f37163040505cb6161f0
Author: jtl <jtl@FreeBSD.org>
Date:   Tue Aug 14 17:26:07 2018 +0000

    Add a limit of the number of fragments per IPv6 packet.
    
    The IPv4 fragment reassembly code supports a limit on the number of
    fragments per packet. The default limit is currently 17 fragments.
    Among other things, this limit serves to limit the number of fragments
    the code must parse when trying to reassembly a packet.
    
    Add a limit to the IPv6 reassembly code. By default, limit a packet
    to 65 fragments (64 on the queue, plus one final fragment to complete
    the packet). This allows an average fragment size of 1,008 bytes, which
    should be sufficient to hold a fragment. (Recall that the IPv6 minimum
    MTU is 1280 bytes. Therefore, this configuration allows a full-size
    IPv6 packet to be fragmented on a link with the minimum MTU and still
    carry approximately 272 bytes of headers before the fragmented portion
    of the packet.)
    
    Users can adjust this limit using the net.inet6.ip6.maxfragsperpacket
    sysctl.
    
    Reviewed by:	jhb
    Security:	FreeBSD-SA-18:10.ip
    Security:	CVE-2018-6923

Diff:
---
 newlib/libc/sys/rtems/include/netinet6/in6.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/newlib/libc/sys/rtems/include/netinet6/in6.h b/newlib/libc/sys/rtems/include/netinet6/in6.h
index 37e1e93..235c990 100644
--- a/newlib/libc/sys/rtems/include/netinet6/in6.h
+++ b/newlib/libc/sys/rtems/include/netinet6/in6.h
@@ -642,7 +642,8 @@ struct ip6_mtuinfo {
 #define	IPV6CTL_INTRQMAXLEN	51	/* max length of IPv6 netisr queue */
 #define	IPV6CTL_INTRDQMAXLEN	52	/* max length of direct IPv6 netisr
 					 * queue */
-#define	IPV6CTL_MAXID		53
+#define	IPV6CTL_MAXFRAGSPERPACKET	53 /* Max fragments per packet */
+#define	IPV6CTL_MAXID		54
 #endif /* __BSD_VISIBLE */
 
 /*