DragonFlyBSD

#if 0

* If there is a preceding segment, it may provide some of

* our data already. If so, drop the data from the incoming

* segment. If it provides all of our data, drop us.

if (i >= ip6af->ip6af_frglen)

goto dropfrag;

m_adj(IP6_REASS_MBUF(ip6af), i);

ip6af->ip6af_off += i;

ip6af->ip6af_frglen -= i;

}

}

/*

* While we overlap succeeding segments trim them or,

* if they are completely covered, dequeue them.

*/

while (af6 != (struct ip6asfrag *)q6 &&

ip6af->ip6af_off + ip6af->ip6af_frglen > af6->ip6af_off) {

i = (ip6af->ip6af_off + ip6af->ip6af_frglen) - af6->ip6af_off;

if (i < af6->ip6af_frglen) {

af6->ip6af_frglen -= i;

af6->ip6af_off += i;

m_adj(IP6_REASS_MBUF(af6), i);

break;

}

af6 = af6->ip6af_down;

m_freem(IP6_REASS_MBUF(af6->ip6af_up));

frag6_deq(af6->ip6af_up);

}

#else

/*

* If the incoming framgent overlaps some existing fragments in

* the reassembly queue, drop it, since it is dangerous to override

* existing fragments from a security point of view.

*/

if (af6->ip6af_up != (struct ip6asfrag *)q6) {

i = af6->ip6af_up->ip6af_off + af6->ip6af_up->ip6af_frglen

- ip6af->ip6af_off;

if (i > 0) {

#if 0 /* suppress the noisy log */

log(LOG_ERR, "%d bytes of a fragment from %s "

"overlaps the previous fragment\n",

i, ip6_sprintf(&q6->ip6q_src));

#endif

#if 0 /* suppress the noisy log */

log(LOG_ERR, "%d bytes of a fragment from %s "

"overlaps the succeeding fragment",

i, ip6_sprintf(&q6->ip6q_src));

#endif

#endif