From: Rasmus Villemoes Date: Fri, 14 Oct 2022 17:43:37 +0000 (+0200) Subject: net: improve check for no IP options X-Git-Tag: v2025.01-rc5-pxa1908~1199^2~13 X-Git-Url: http://git.dujemihanovic.xyz/html/%7B%7B%20.RelPermalink%20%7D%7D?a=commitdiff_plain;h=b0fcc48cb37057ccbe29481d3297f7b9243a4b92;p=u-boot.git net: improve check for no IP options There's no reason we should accept an IP packet with a malformed IHL field. So ensure that it is exactly 5, not just <= 5. Signed-off-by: Rasmus Villemoes Reviewed-by: Ramon Fried --- diff --git a/net/net.c b/net/net.c index b27b021d07..be4374ffc4 100644 --- a/net/net.c +++ b/net/net.c @@ -1226,7 +1226,7 @@ void net_process_received_packet(uchar *in_packet, int len) if ((ip->ip_hl_v & 0xf0) != 0x40) return; /* Can't deal with IP options (headers != 20 bytes) */ - if ((ip->ip_hl_v & 0x0f) > 0x05) + if ((ip->ip_hl_v & 0x0f) != 0x05) return; /* Check the Checksum of the header */ if (!ip_checksum_ok((uchar *)ip, IP_HDR_SIZE)) {