Index: src/sys/netinet/ip6.h diff -c src/sys/netinet/ip6.h:1.10 src/sys/netinet/ip6.h:1.11 *** sys/netinet/ip6.h:1.10 Sat Oct 25 05:57:08 2003 --- sys/netinet/ip6.h Fri Mar 26 13:52:18 2004 *************** *** 213,218 **** --- 213,219 ---- #define IPV6_MMTU 1280 /* minimal MTU and reassembly. 1024 + 256 */ #define IPV6_MAXPACKET 65535 /* ip6 max packet size without Jumbo payload*/ + #define IPV6_MAXOPTHDR 2048 /* max option header size, 256 64-bit words */ #ifdef _KERNEL /* Index: src/sys/netinet6/ip6_output.c diff -c src/sys/netinet6/ip6_output.c:1.78 src/sys/netinet6/ip6_output.c:1.79 *** sys/netinet6/ip6_output.c:1.78 Tue Feb 17 08:02:37 2004 --- sys/netinet6/ip6_output.c Fri Mar 26 13:52:18 2004 *************** *** 1780,1791 **** break; } ! optbuf = sopt->sopt_val; optlen = sopt->sopt_valsize; optp = &in6p->in6p_outputopts; error = ip6_pcbopt(optname, optbuf, optlen, optp, privileged, uproto); break; } #undef OPTSET --- 1780,1827 ---- break; } ! switch (optname) { ! case IPV6_HOPOPTS: ! case IPV6_DSTOPTS: ! case IPV6_RTHDRDSTOPTS: ! case IPV6_NEXTHOP: ! if (!privileged) ! error = EPERM; ! break; ! } ! if (error) ! break; ! ! switch (optname) { ! case IPV6_PKTINFO: ! optlen = sizeof(struct in6_pktinfo); ! break; ! case IPV6_NEXTHOP: ! optlen = SOCK_MAXADDRLEN; ! break; ! default: ! optlen = IPV6_MAXOPTHDR; ! break; ! } ! if (sopt->sopt_valsize > optlen) { ! error = EINVAL; ! break; ! } ! optlen = sopt->sopt_valsize; + optbuf = malloc(optlen, M_TEMP, M_WAITOK); + error = sooptcopyin(sopt, optbuf, optlen, + optlen); + if (error) { + free(optbuf, M_TEMP); + break; + } + optp = &in6p->in6p_outputopts; error = ip6_pcbopt(optname, optbuf, optlen, optp, privileged, uproto); + free(optbuf, M_TEMP); break; } #undef OPTSET