diff options
| author | Vlad Yasevich <vladislav.yasevich@hp.com> | 2006-06-18 01:55:35 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2006-06-18 01:55:35 -0400 |
| commit | 5636bef7324f49e36f05ec8a5f6284e11b1bcca4 (patch) | |
| tree | b5e9e42560ba86ffbbd63a582df87844996b6d03 | |
| parent | 402d68c43326d2f0e7e2e9a9013cd4c098d9b87c (diff) | |
[SCTP]: Reject sctp packets with broadcast addresses.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | include/net/sctp/structs.h | 3 | ||||
| -rw-r--r-- | net/sctp/input.c | 3 | ||||
| -rw-r--r-- | net/sctp/ipv6.c | 6 | ||||
| -rw-r--r-- | net/sctp/protocol.c | 8 | ||||
| -rw-r--r-- | net/sctp/socket.c | 2 |
5 files changed, 16 insertions, 6 deletions
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h index 7f4fea173fb..5f69158c100 100644 --- a/include/net/sctp/structs.h +++ b/include/net/sctp/structs.h | |||
| @@ -555,7 +555,8 @@ struct sctp_af { | |||
| 555 | int (*to_addr_param) (const union sctp_addr *, | 555 | int (*to_addr_param) (const union sctp_addr *, |
| 556 | union sctp_addr_param *); | 556 | union sctp_addr_param *); |
| 557 | int (*addr_valid) (union sctp_addr *, | 557 | int (*addr_valid) (union sctp_addr *, |
| 558 | struct sctp_sock *); | 558 | struct sctp_sock *, |
| 559 | const struct sk_buff *); | ||
| 559 | sctp_scope_t (*scope) (union sctp_addr *); | 560 | sctp_scope_t (*scope) (union sctp_addr *); |
| 560 | void (*inaddr_any) (union sctp_addr *, unsigned short); | 561 | void (*inaddr_any) (union sctp_addr *, unsigned short); |
| 561 | int (*is_any) (const union sctp_addr *); | 562 | int (*is_any) (const union sctp_addr *); |
diff --git a/net/sctp/input.c b/net/sctp/input.c index 1662f9cc869..70d6606e281 100644 --- a/net/sctp/input.c +++ b/net/sctp/input.c | |||
| @@ -170,7 +170,8 @@ int sctp_rcv(struct sk_buff *skb) | |||
| 170 | * IP broadcast addresses cannot be used in an SCTP transport | 170 | * IP broadcast addresses cannot be used in an SCTP transport |
| 171 | * address." | 171 | * address." |
| 172 | */ | 172 | */ |
| 173 | if (!af->addr_valid(&src, NULL) || !af->addr_valid(&dest, NULL)) | 173 | if (!af->addr_valid(&src, NULL, skb) || |
| 174 | !af->addr_valid(&dest, NULL, skb)) | ||
| 174 | goto discard_it; | 175 | goto discard_it; |
| 175 | 176 | ||
| 176 | asoc = __sctp_rcv_lookup(skb, &src, &dest, &transport); | 177 | asoc = __sctp_rcv_lookup(skb, &src, &dest, &transport); |
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index c20d282fac0..8ef08070c8b 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c | |||
| @@ -523,7 +523,9 @@ static int sctp_v6_available(union sctp_addr *addr, struct sctp_sock *sp) | |||
| 523 | * Return 0 - If the address is a non-unicast or an illegal address. | 523 | * Return 0 - If the address is a non-unicast or an illegal address. |
| 524 | * Return 1 - If the address is a unicast. | 524 | * Return 1 - If the address is a unicast. |
| 525 | */ | 525 | */ |
| 526 | static int sctp_v6_addr_valid(union sctp_addr *addr, struct sctp_sock *sp) | 526 | static int sctp_v6_addr_valid(union sctp_addr *addr, |
| 527 | struct sctp_sock *sp, | ||
| 528 | const struct sk_buff *skb) | ||
| 527 | { | 529 | { |
| 528 | int ret = ipv6_addr_type(&addr->v6.sin6_addr); | 530 | int ret = ipv6_addr_type(&addr->v6.sin6_addr); |
| 529 | 531 | ||
| @@ -537,7 +539,7 @@ static int sctp_v6_addr_valid(union sctp_addr *addr, struct sctp_sock *sp) | |||
| 537 | if (sp && ipv6_only_sock(sctp_opt2sk(sp))) | 539 | if (sp && ipv6_only_sock(sctp_opt2sk(sp))) |
| 538 | return 0; | 540 | return 0; |
| 539 | sctp_v6_map_v4(addr); | 541 | sctp_v6_map_v4(addr); |
| 540 | return sctp_get_af_specific(AF_INET)->addr_valid(addr, sp); | 542 | return sctp_get_af_specific(AF_INET)->addr_valid(addr, sp, skb); |
| 541 | } | 543 | } |
| 542 | 544 | ||
| 543 | /* Is this a non-unicast address */ | 545 | /* Is this a non-unicast address */ |
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index 2088aa992b7..816c033d788 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c | |||
| @@ -365,12 +365,18 @@ static int sctp_v4_is_any(const union sctp_addr *addr) | |||
| 365 | * Return 0 - If the address is a non-unicast or an illegal address. | 365 | * Return 0 - If the address is a non-unicast or an illegal address. |
| 366 | * Return 1 - If the address is a unicast. | 366 | * Return 1 - If the address is a unicast. |
| 367 | */ | 367 | */ |
| 368 | static int sctp_v4_addr_valid(union sctp_addr *addr, struct sctp_sock *sp) | 368 | static int sctp_v4_addr_valid(union sctp_addr *addr, |
| 369 | struct sctp_sock *sp, | ||
| 370 | const struct sk_buff *skb) | ||
| 369 | { | 371 | { |
| 370 | /* Is this a non-unicast address or a unusable SCTP address? */ | 372 | /* Is this a non-unicast address or a unusable SCTP address? */ |
| 371 | if (IS_IPV4_UNUSABLE_ADDRESS(&addr->v4.sin_addr.s_addr)) | 373 | if (IS_IPV4_UNUSABLE_ADDRESS(&addr->v4.sin_addr.s_addr)) |
| 372 | return 0; | 374 | return 0; |
| 373 | 375 | ||
| 376 | /* Is this a broadcast address? */ | ||
| 377 | if (skb && ((struct rtable *)skb->dst)->rt_flags & RTCF_BROADCAST) | ||
| 378 | return 0; | ||
| 379 | |||
| 374 | return 1; | 380 | return 1; |
| 375 | } | 381 | } |
| 376 | 382 | ||
diff --git a/net/sctp/socket.c b/net/sctp/socket.c index b41dcbb8968..b811691c35b 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c | |||
| @@ -172,7 +172,7 @@ static inline int sctp_verify_addr(struct sock *sk, union sctp_addr *addr, | |||
| 172 | return -EINVAL; | 172 | return -EINVAL; |
| 173 | 173 | ||
| 174 | /* Is this a valid SCTP address? */ | 174 | /* Is this a valid SCTP address? */ |
| 175 | if (!af->addr_valid(addr, sctp_sk(sk))) | 175 | if (!af->addr_valid(addr, sctp_sk(sk), NULL)) |
| 176 | return -EINVAL; | 176 | return -EINVAL; |
| 177 | 177 | ||
| 178 | if (!sctp_sk(sk)->pf->send_verify(sctp_sk(sk), (addr))) | 178 | if (!sctp_sk(sk)->pf->send_verify(sctp_sk(sk), (addr))) |