aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVlad Yasevich <vladislav.yasevich@hp.com>2006-06-18 01:55:35 -0400
committerDavid S. Miller <davem@davemloft.net>2006-06-18 01:55:35 -0400
commit5636bef7324f49e36f05ec8a5f6284e11b1bcca4 (patch)
treeb5e9e42560ba86ffbbd63a582df87844996b6d03
parent402d68c43326d2f0e7e2e9a9013cd4c098d9b87c (diff)
[SCTP]: Reject sctp packets with broadcast addresses.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/net/sctp/structs.h3
-rw-r--r--net/sctp/input.c3
-rw-r--r--net/sctp/ipv6.c6
-rw-r--r--net/sctp/protocol.c8
-rw-r--r--net/sctp/socket.c2
5 files changed, 16 insertions, 6 deletions
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index 7f4fea173fb1..5f69158c1006 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -555,7 +555,8 @@ struct sctp_af {
555 int (*to_addr_param) (const union sctp_addr *, 555 int (*to_addr_param) (const union sctp_addr *,
556 union sctp_addr_param *); 556 union sctp_addr_param *);
557 int (*addr_valid) (union sctp_addr *, 557 int (*addr_valid) (union sctp_addr *,
558 struct sctp_sock *); 558 struct sctp_sock *,
559 const struct sk_buff *);
559 sctp_scope_t (*scope) (union sctp_addr *); 560 sctp_scope_t (*scope) (union sctp_addr *);
560 void (*inaddr_any) (union sctp_addr *, unsigned short); 561 void (*inaddr_any) (union sctp_addr *, unsigned short);
561 int (*is_any) (const union sctp_addr *); 562 int (*is_any) (const union sctp_addr *);
diff --git a/net/sctp/input.c b/net/sctp/input.c
index 1662f9cc869e..70d6606e2812 100644
--- a/net/sctp/input.c
+++ b/net/sctp/input.c
@@ -170,7 +170,8 @@ int sctp_rcv(struct sk_buff *skb)
170 * IP broadcast addresses cannot be used in an SCTP transport 170 * IP broadcast addresses cannot be used in an SCTP transport
171 * address." 171 * address."
172 */ 172 */
173 if (!af->addr_valid(&src, NULL) || !af->addr_valid(&dest, NULL)) 173 if (!af->addr_valid(&src, NULL, skb) ||
174 !af->addr_valid(&dest, NULL, skb))
174 goto discard_it; 175 goto discard_it;
175 176
176 asoc = __sctp_rcv_lookup(skb, &src, &dest, &transport); 177 asoc = __sctp_rcv_lookup(skb, &src, &dest, &transport);
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index c20d282fac06..8ef08070c8b6 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -523,7 +523,9 @@ static int sctp_v6_available(union sctp_addr *addr, struct sctp_sock *sp)
523 * Return 0 - If the address is a non-unicast or an illegal address. 523 * Return 0 - If the address is a non-unicast or an illegal address.
524 * Return 1 - If the address is a unicast. 524 * Return 1 - If the address is a unicast.
525 */ 525 */
526static int sctp_v6_addr_valid(union sctp_addr *addr, struct sctp_sock *sp) 526static int sctp_v6_addr_valid(union sctp_addr *addr,
527 struct sctp_sock *sp,
528 const struct sk_buff *skb)
527{ 529{
528 int ret = ipv6_addr_type(&addr->v6.sin6_addr); 530 int ret = ipv6_addr_type(&addr->v6.sin6_addr);
529 531
@@ -537,7 +539,7 @@ static int sctp_v6_addr_valid(union sctp_addr *addr, struct sctp_sock *sp)
537 if (sp && ipv6_only_sock(sctp_opt2sk(sp))) 539 if (sp && ipv6_only_sock(sctp_opt2sk(sp)))
538 return 0; 540 return 0;
539 sctp_v6_map_v4(addr); 541 sctp_v6_map_v4(addr);
540 return sctp_get_af_specific(AF_INET)->addr_valid(addr, sp); 542 return sctp_get_af_specific(AF_INET)->addr_valid(addr, sp, skb);
541 } 543 }
542 544
543 /* Is this a non-unicast address */ 545 /* Is this a non-unicast address */
diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c
index 2088aa992b7a..816c033d7886 100644
--- a/net/sctp/protocol.c
+++ b/net/sctp/protocol.c
@@ -365,12 +365,18 @@ static int sctp_v4_is_any(const union sctp_addr *addr)
365 * Return 0 - If the address is a non-unicast or an illegal address. 365 * Return 0 - If the address is a non-unicast or an illegal address.
366 * Return 1 - If the address is a unicast. 366 * Return 1 - If the address is a unicast.
367 */ 367 */
368static int sctp_v4_addr_valid(union sctp_addr *addr, struct sctp_sock *sp) 368static int sctp_v4_addr_valid(union sctp_addr *addr,
369 struct sctp_sock *sp,
370 const struct sk_buff *skb)
369{ 371{
370 /* Is this a non-unicast address or a unusable SCTP address? */ 372 /* Is this a non-unicast address or a unusable SCTP address? */
371 if (IS_IPV4_UNUSABLE_ADDRESS(&addr->v4.sin_addr.s_addr)) 373 if (IS_IPV4_UNUSABLE_ADDRESS(&addr->v4.sin_addr.s_addr))
372 return 0; 374 return 0;
373 375
376 /* Is this a broadcast address? */
377 if (skb && ((struct rtable *)skb->dst)->rt_flags & RTCF_BROADCAST)
378 return 0;
379
374 return 1; 380 return 1;
375} 381}
376 382
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index b41dcbb89685..b811691c35bf 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -172,7 +172,7 @@ static inline int sctp_verify_addr(struct sock *sk, union sctp_addr *addr,
172 return -EINVAL; 172 return -EINVAL;
173 173
174 /* Is this a valid SCTP address? */ 174 /* Is this a valid SCTP address? */
175 if (!af->addr_valid(addr, sctp_sk(sk))) 175 if (!af->addr_valid(addr, sctp_sk(sk), NULL))
176 return -EINVAL; 176 return -EINVAL;
177 177
178 if (!sctp_sk(sk)->pf->send_verify(sctp_sk(sk), (addr))) 178 if (!sctp_sk(sk)->pf->send_verify(sctp_sk(sk), (addr)))