summaryrefslogtreecommitdiff
path: root/net/sctp
diff options
context:
space:
mode:
authorVlad Yasevich <vladislav.yasevich@hp.com>2007-09-17 23:14:28 +0400
committerDavid S. Miller <davem@sunset.davemloft.net>2007-09-26 09:55:48 +0400
commit3c77f961b55b6060858c68a213d7f4470d7f3eb2 (patch)
tree551b912a8d26049a22685401bef93cb553bb8671 /net/sctp
parentece25dfa0991f65c4e1d26beb1c3c45bda4239b8 (diff)
downloadlinux-3c77f961b55b6060858c68a213d7f4470d7f3eb2.tar.xz
SCTP: Discard OOTB packetes with bundled INIT early.
RFC 4460 and future RFC 4960 (2960-bis) specify that packets with bundled INIT chunks need to be dropped. We currenlty do that only after processing any leading chunks. For OOTB chunks, since we already walk the entire packet, we should discard packets with bundled INITs. There are other chunks chunks that MUST NOT be bundled, but the spec is silent on theire treatment. Thus, we'll leave their teatment alone for the moment. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Acked-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Diffstat (limited to 'net/sctp')
-rw-r--r--net/sctp/input.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/net/sctp/input.c b/net/sctp/input.c
index 47e56017f4ce..f9a0c9276e3b 100644
--- a/net/sctp/input.c
+++ b/net/sctp/input.c
@@ -622,6 +622,14 @@ static int sctp_rcv_ootb(struct sk_buff *skb)
if (SCTP_CID_SHUTDOWN_COMPLETE == ch->type)
goto discard;
+ /* RFC 4460, 2.11.2
+ * This will discard packets with INIT chunk bundled as
+ * subsequent chunks in the packet. When INIT is first,
+ * the normal INIT processing will discard the chunk.
+ */
+ if (SCTP_CID_INIT == ch->type && (void *)ch != skb->data)
+ goto discard;
+
/* RFC 8.4, 7) If the packet contains a "Stale cookie" ERROR
* or a COOKIE ACK the SCTP Packet should be silently
* discarded.