aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGilad Ben-Yossef <gilad@codefidence.com>2009-11-05 02:21:44 -0500
committerDavid S. Miller <davem@davemloft.net>2009-11-05 02:24:14 -0500
commit05eaade2782fb0c90d3034fd7a7d5a16266182bb (patch)
tree57a7229c25b49ded65319e23ffb300dfb9339cf2
parent8d044fe6aacaf573112331847155211a56a12736 (diff)
tcp: Do not call IPv4 specific func in tcp_check_req
Calling IPv4 specific inet_csk_route_req in tcp_check_req is a bad idea and crashes machine on IPv6 connections, as reported by Valdis Kletnieks Also, all we are really interested in is the timestamp option in the header, so calling tcp_parse_options() with the "estab" set to false flag is an overkill as it tries to parse half a dozen other TCP options. We know whether timestamp should be enabled or not using data from request_sock. Signed-off-by: Gilad Ben-Yossef <gilad@codefidence.com> Tested-by: Valdis.Kletnieks@vt.edu Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/ipv4/tcp_minisocks.c9
1 files changed, 3 insertions, 6 deletions
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
index 463d51b53d37..a9d34e224cb6 100644
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -500,11 +500,10 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
500 int paws_reject = 0; 500 int paws_reject = 0;
501 struct tcp_options_received tmp_opt; 501 struct tcp_options_received tmp_opt;
502 struct sock *child; 502 struct sock *child;
503 struct dst_entry *dst = inet_csk_route_req(sk, req);
504 503
505 tmp_opt.saw_tstamp = 0; 504 if ((th->doff > (sizeof(struct tcphdr)>>2)) && (req->ts_recent)) {
506 if (th->doff > (sizeof(struct tcphdr)>>2)) { 505 tmp_opt.tstamp_ok = 1;
507 tcp_parse_options(skb, &tmp_opt, 0, dst); 506 tcp_parse_options(skb, &tmp_opt, 1, NULL);
508 507
509 if (tmp_opt.saw_tstamp) { 508 if (tmp_opt.saw_tstamp) {
510 tmp_opt.ts_recent = req->ts_recent; 509 tmp_opt.ts_recent = req->ts_recent;
@@ -517,8 +516,6 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
517 } 516 }
518 } 517 }
519 518
520 dst_release(dst);
521
522 /* Check for pure retransmitted SYN. */ 519 /* Check for pure retransmitted SYN. */
523 if (TCP_SKB_CB(skb)->seq == tcp_rsk(req)->rcv_isn && 520 if (TCP_SKB_CB(skb)->seq == tcp_rsk(req)->rcv_isn &&
524 flg == TCP_FLAG_SYN && 521 flg == TCP_FLAG_SYN &&