summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorXin Long <lucien.xin@gmail.com>2018-07-02 18:21:15 +0800
committerDavid S. Miller <davem@davemloft.net>2018-07-04 11:36:54 +0900
commit0999f021c988770a37edfb266027db9c413901fd (patch)
treefc9216b00df2e629b019127b6ab7e795fc9b5049
parent4be4139f7d0dc74e5a0932c7c7ddf0eb65da9e3a (diff)
sctp: check for ipv6_pinfo legal sndflow with flowlabel in sctp_v6_get_dst
The transport with illegal flowlabel should not be allowed to send packets. Other transport protocols already denies this. Signed-off-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/sctp/ipv6.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 38102bf7f13e..fc6c5e4bffa5 100644
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -262,6 +262,15 @@ static void sctp_v6_get_dst(struct sctp_transport *t, union sctp_addr *saddr,
if (t->flowlabel & SCTP_FLOWLABEL_SET_MASK)
fl6->flowlabel = htonl(t->flowlabel & SCTP_FLOWLABEL_VAL_MASK);
+ if (np->sndflow && (fl6->flowlabel & IPV6_FLOWLABEL_MASK)) {
+ struct ip6_flowlabel *flowlabel;
+
+ flowlabel = fl6_sock_lookup(sk, fl6->flowlabel);
+ if (!flowlabel)
+ goto out;
+ fl6_sock_release(flowlabel);
+ }
+
pr_debug("%s: dst=%pI6 ", __func__, &fl6->daddr);
if (asoc)