aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv6')
-rw-r--r--net/ipv6/esp6.c6
-rw-r--r--net/ipv6/ipv6_sockglue.c12
-rw-r--r--net/ipv6/xfrm6_policy.c2
3 files changed, 12 insertions, 8 deletions
diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
index 7db66f10e00d..444053254676 100644
--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -230,6 +230,12 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
230 } 230 }
231 /* ... check padding bits here. Silly. :-) */ 231 /* ... check padding bits here. Silly. :-) */
232 232
233 /* RFC4303: Drop dummy packets without any error */
234 if (nexthdr[1] == IPPROTO_NONE) {
235 ret = -EINVAL;
236 goto out;
237 }
238
233 pskb_trim(skb, skb->len - alen - padlen - 2); 239 pskb_trim(skb, skb->len - alen - padlen - 2);
234 ret = nexthdr[1]; 240 ret = nexthdr[1];
235 } 241 }
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c
index 1334fc174bcf..8c5f80fd03ad 100644
--- a/net/ipv6/ipv6_sockglue.c
+++ b/net/ipv6/ipv6_sockglue.c
@@ -1046,7 +1046,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
1046 break; 1046 break;
1047 1047
1048 default: 1048 default:
1049 return -EINVAL; 1049 return -ENOPROTOOPT;
1050 } 1050 }
1051 len = min_t(unsigned int, sizeof(int), len); 1051 len = min_t(unsigned int, sizeof(int), len);
1052 if(put_user(len, optlen)) 1052 if(put_user(len, optlen))
@@ -1069,9 +1069,8 @@ int ipv6_getsockopt(struct sock *sk, int level, int optname,
1069 1069
1070 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); 1070 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen);
1071#ifdef CONFIG_NETFILTER 1071#ifdef CONFIG_NETFILTER
1072 /* we need to exclude all possible EINVALs except default case */ 1072 /* we need to exclude all possible ENOPROTOOPTs except default case */
1073 if (err == -EINVAL && optname != IPV6_ADDRFORM && 1073 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1074 optname != MCAST_MSFILTER) {
1075 int len; 1074 int len;
1076 1075
1077 if (get_user(len, optlen)) 1076 if (get_user(len, optlen))
@@ -1108,9 +1107,8 @@ int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1108 1107
1109 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen); 1108 err = do_ipv6_getsockopt(sk, level, optname, optval, optlen);
1110#ifdef CONFIG_NETFILTER 1109#ifdef CONFIG_NETFILTER
1111 /* we need to exclude all possible EINVALs except default case */ 1110 /* we need to exclude all possible ENOPROTOOPTs except default case */
1112 if (err == -EINVAL && optname != IPV6_ADDRFORM && 1111 if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1113 optname != MCAST_MSFILTER) {
1114 int len; 1112 int len;
1115 1113
1116 if (get_user(len, optlen)) 1114 if (get_user(len, optlen))
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 82e27b80d07d..b8e9eb445d74 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -233,7 +233,7 @@ __xfrm6_bundle_create(struct xfrm_policy *policy, struct xfrm_state **xfrm, int
233 dst_prev->output = dst_prev->xfrm->outer_mode->afinfo->output; 233 dst_prev->output = dst_prev->xfrm->outer_mode->afinfo->output;
234 /* Sheit... I remember I did this right. Apparently, 234 /* Sheit... I remember I did this right. Apparently,
235 * it was magically lost, so this code needs audit */ 235 * it was magically lost, so this code needs audit */
236 x->u.rt6.rt6i_flags = rt0->rt6i_flags&(RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL); 236 x->u.rt6.rt6i_flags = rt0->rt6i_flags&(RTF_ANYCAST|RTF_LOCAL);
237 x->u.rt6.rt6i_metric = rt0->rt6i_metric; 237 x->u.rt6.rt6i_metric = rt0->rt6i_metric;
238 x->u.rt6.rt6i_node = rt0->rt6i_node; 238 x->u.rt6.rt6i_node = rt0->rt6i_node;
239 x->u.rt6.rt6i_gateway = rt0->rt6i_gateway; 239 x->u.rt6.rt6i_gateway = rt0->rt6i_gateway;
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-16 14:47:20 -0500