diff options
author | David S. Miller <davem@davemloft.net> | 2016-12-20 14:15:45 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-12-20 14:15:45 -0500 |
commit | b794e252f5c1c640097348566dd85d463698ce90 (patch) | |
tree | e1d963678b88a3236dfee33246557a0b0841aaaa | |
parent | 92f95322c65fef330cc0a6bb6ed3e7966f8635d5 (diff) | |
parent | b8607805dd157d5f93372f338b3f3b9018c507d7 (diff) |
Merge branch 'sctp-fixes'
Xin Long says:
====================
sctp: fix the issue that may copy duplicate addrs into assoc's bind address list
Patch 1/2 is to fix some indent level.
Given that we have kernels out there with this issue, patch 2/2 also
fix sctp_raw_to_bind_addrs.
v1 -> v2:
Explain why we didn't filter the duplicate addresses when global
address list gets updated in patch 2/2 changelog.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/sctp/bind_addr.c | 3 | ||||
-rw-r--r-- | net/sctp/protocol.c | 40 |
2 files changed, 25 insertions, 18 deletions
diff --git a/net/sctp/bind_addr.c b/net/sctp/bind_addr.c index 401c60750b20..1ebc184a0e23 100644 --- a/net/sctp/bind_addr.c +++ b/net/sctp/bind_addr.c @@ -292,6 +292,8 @@ int sctp_raw_to_bind_addrs(struct sctp_bind_addr *bp, __u8 *raw_addr_list, } af->from_addr_param(&addr, rawaddr, htons(port), 0); + if (sctp_bind_addr_state(bp, &addr) != -1) + goto next; retval = sctp_add_bind_addr(bp, &addr, sizeof(addr), SCTP_ADDR_SRC, gfp); if (retval) { @@ -300,6 +302,7 @@ int sctp_raw_to_bind_addrs(struct sctp_bind_addr *bp, __u8 *raw_addr_list, break; } +next: len = ntohs(param->length); addrs_len -= len; raw_addr_list += len; diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c index 7b523e3f551f..616a9428e0c4 100644 --- a/net/sctp/protocol.c +++ b/net/sctp/protocol.c @@ -205,26 +205,30 @@ int sctp_copy_local_addr_list(struct net *net, struct sctp_bind_addr *bp, list_for_each_entry_rcu(addr, &net->sctp.local_addr_list, list) { if (!addr->valid) continue; - if (sctp_in_scope(net, &addr->a, scope)) { - /* Now that the address is in scope, check to see if - * the address type is really supported by the local - * sock as well as the remote peer. - */ - if ((((AF_INET == addr->a.sa.sa_family) && - (copy_flags & SCTP_ADDR4_PEERSUPP))) || - (((AF_INET6 == addr->a.sa.sa_family) && - (copy_flags & SCTP_ADDR6_ALLOWED) && - (copy_flags & SCTP_ADDR6_PEERSUPP)))) { - error = sctp_add_bind_addr(bp, &addr->a, - sizeof(addr->a), - SCTP_ADDR_SRC, GFP_ATOMIC); - if (error) - goto end_copy; - } - } + if (!sctp_in_scope(net, &addr->a, scope)) + continue; + + /* Now that the address is in scope, check to see if + * the address type is really supported by the local + * sock as well as the remote peer. + */ + if (addr->a.sa.sa_family == AF_INET && + !(copy_flags & SCTP_ADDR4_PEERSUPP)) + continue; + if (addr->a.sa.sa_family == AF_INET6 && + (!(copy_flags & SCTP_ADDR6_ALLOWED) || + !(copy_flags & SCTP_ADDR6_PEERSUPP))) + continue; + + if (sctp_bind_addr_state(bp, &addr->a) != -1) + continue; + + error = sctp_add_bind_addr(bp, &addr->a, sizeof(addr->a), + SCTP_ADDR_SRC, GFP_ATOMIC); + if (error) + break; } -end_copy: rcu_read_unlock(); return error; } |