mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-23 14:31:08 +01:00
3340d77368
It fixes many buffer overflow in different protocol parsers, but none of them are critical, even in absense of Capsicum. Security: CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925 Security: CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929 Security: CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933 Security: CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937 Security: CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973 Security: CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984 Security: CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993 Security: CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203 Security: CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342 Security: CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485 Security: CVE-2017-5486
165 lines
5.7 KiB
C
165 lines
5.7 KiB
C
/*
|
|
* Copyright (c) 1982, 1986, 1993
|
|
* The Regents of the University of California. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. All advertising materials mentioning features or use of this software
|
|
* must display the following acknowledgement:
|
|
* This product includes software developed by the University of
|
|
* California, Berkeley and its contributors.
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*
|
|
* @(#)ip.h 8.2 (Berkeley) 6/1/94
|
|
*/
|
|
|
|
#ifndef netdissect_ip_h
|
|
#define netdissect_ip_h
|
|
|
|
/*
|
|
* Definitions for internet protocol version 4.
|
|
* Per RFC 791, September 1981.
|
|
*/
|
|
#define IPVERSION 4
|
|
|
|
/*
|
|
* Structure of an internet header, naked of options.
|
|
*
|
|
* We declare ip_len and ip_off to be short, rather than u_short
|
|
* pragmatically since otherwise unsigned comparisons can result
|
|
* against negative integers quite easily, and fail in subtle ways.
|
|
*/
|
|
struct ip {
|
|
nd_uint8_t ip_vhl; /* header length, version */
|
|
#define IP_V(ip) (((ip)->ip_vhl & 0xf0) >> 4)
|
|
#define IP_HL(ip) ((ip)->ip_vhl & 0x0f)
|
|
nd_uint8_t ip_tos; /* type of service */
|
|
nd_uint16_t ip_len; /* total length */
|
|
nd_uint16_t ip_id; /* identification */
|
|
nd_uint16_t ip_off; /* fragment offset field */
|
|
#define IP_DF 0x4000 /* dont fragment flag */
|
|
#define IP_MF 0x2000 /* more fragments flag */
|
|
#define IP_OFFMASK 0x1fff /* mask for fragmenting bits */
|
|
nd_uint8_t ip_ttl; /* time to live */
|
|
nd_uint8_t ip_p; /* protocol */
|
|
nd_uint16_t ip_sum; /* checksum */
|
|
nd_ipv4 ip_src,ip_dst; /* source and dest address */
|
|
};
|
|
|
|
#define IP_MAXPACKET 65535 /* maximum packet size */
|
|
|
|
/*
|
|
* Definitions for IP type of service (ip_tos)
|
|
*/
|
|
#define IPTOS_LOWDELAY 0x10
|
|
#define IPTOS_THROUGHPUT 0x08
|
|
#define IPTOS_RELIABILITY 0x04
|
|
|
|
/*
|
|
* Definitions for IP precedence (also in ip_tos) (hopefully unused)
|
|
*/
|
|
#define IPTOS_PREC_NETCONTROL 0xe0
|
|
#define IPTOS_PREC_INTERNETCONTROL 0xc0
|
|
#define IPTOS_PREC_CRITIC_ECP 0xa0
|
|
#define IPTOS_PREC_FLASHOVERRIDE 0x80
|
|
#define IPTOS_PREC_FLASH 0x60
|
|
#define IPTOS_PREC_IMMEDIATE 0x40
|
|
#define IPTOS_PREC_PRIORITY 0x20
|
|
#define IPTOS_PREC_ROUTINE 0x00
|
|
|
|
/*
|
|
* Definitions for options.
|
|
*/
|
|
#define IPOPT_COPIED(o) ((o)&0x80)
|
|
#define IPOPT_CLASS(o) ((o)&0x60)
|
|
#define IPOPT_NUMBER(o) ((o)&0x1f)
|
|
|
|
#define IPOPT_CONTROL 0x00
|
|
#define IPOPT_RESERVED1 0x20
|
|
#define IPOPT_DEBMEAS 0x40
|
|
#define IPOPT_RESERVED2 0x60
|
|
|
|
#define IPOPT_EOL 0 /* end of option list */
|
|
#define IPOPT_NOP 1 /* no operation */
|
|
|
|
#define IPOPT_RR 7 /* record packet route */
|
|
#define IPOPT_TS 68 /* timestamp */
|
|
#define IPOPT_RFC1393 82 /* traceroute RFC 1393 */
|
|
#define IPOPT_SECURITY 130 /* provide s,c,h,tcc */
|
|
#define IPOPT_LSRR 131 /* loose source route */
|
|
#define IPOPT_SATID 136 /* satnet id */
|
|
#define IPOPT_SSRR 137 /* strict source route */
|
|
#define IPOPT_RA 148 /* router-alert, rfc2113 */
|
|
|
|
/*
|
|
* Offsets to fields in options other than EOL and NOP.
|
|
*/
|
|
#define IPOPT_OPTVAL 0 /* option ID */
|
|
#define IPOPT_OLEN 1 /* option length */
|
|
#define IPOPT_OFFSET 2 /* offset within option */
|
|
#define IPOPT_MINOFF 4 /* min value of above */
|
|
|
|
/*
|
|
* Time stamp option structure.
|
|
*/
|
|
struct ip_timestamp {
|
|
nd_uint8_t ipt_code; /* IPOPT_TS */
|
|
nd_uint8_t ipt_len; /* size of structure (variable) */
|
|
nd_uint8_t ipt_ptr; /* index of current entry */
|
|
nd_uint8_t ipt_oflwflg; /* flags, overflow counter */
|
|
#define IPTS_OFLW(ip) (((ipt)->ipt_oflwflg & 0xf0) >> 4)
|
|
#define IPTS_FLG(ip) ((ipt)->ipt_oflwflg & 0x0f)
|
|
union ipt_timestamp {
|
|
nd_uint32_t ipt_time[1];
|
|
struct ipt_ta {
|
|
nd_ipv4 ipt_addr;
|
|
nd_uint32_t ipt_time;
|
|
} ipt_ta[1];
|
|
} ipt_timestamp;
|
|
};
|
|
|
|
/* flag bits for ipt_flg */
|
|
#define IPOPT_TS_TSONLY 0 /* timestamps only */
|
|
#define IPOPT_TS_TSANDADDR 1 /* timestamps and addresses */
|
|
#define IPOPT_TS_PRESPEC 3 /* specified modules only */
|
|
|
|
/* bits for security (not byte swapped) */
|
|
#define IPOPT_SECUR_UNCLASS 0x0000
|
|
#define IPOPT_SECUR_CONFID 0xf135
|
|
#define IPOPT_SECUR_EFTO 0x789a
|
|
#define IPOPT_SECUR_MMMM 0xbc4d
|
|
#define IPOPT_SECUR_RESTR 0xaf13
|
|
#define IPOPT_SECUR_SECRET 0xd788
|
|
#define IPOPT_SECUR_TOPSECRET 0x6bc5
|
|
|
|
/*
|
|
* Internet implementation parameters.
|
|
*/
|
|
#define MAXTTL 255 /* maximum time to live (seconds) */
|
|
#define IPDEFTTL 64 /* default ttl, from RFC 1340 */
|
|
#define IPFRAGTTL 60 /* time to live for frags, slowhz */
|
|
#define IPTTLDEC 1 /* subtracted when forwarding */
|
|
|
|
#define IP_MSS 576 /* default maximum segment size */
|
|
#endif /* netdissect_ip_h */
|