lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[IPV6]: Check outgoing interface even if source address is unspecified.

Browse Source 
The outgoing interface index (ipi6_ifindex) in IPV6_PKTINFO
ancillary data, is not checked if the source address (ipi6_addr)
is unspecified.  If the ipi6_ifindex is the not-exist interface,
it should be fail.

Based on patch from Shan Wei <shanwei@cn.fujitsu.com> and
Brian Haley <brian.haley@hp.com>.

Signed-off-by: Shan Wei <shanwei@cn.fujitsu.com>
Signed-off-by: Brian Haley <brian.haley@hp.com>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
This commit is contained in:
YOSHIFUJI Hideaki
2008-06-04 13:01:37 +09:00
parent 95b496b666
commit 187e38384c
1 changed files with 22 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
net/ipv6/datagram.c
View File

@@ -509,7 +509,6 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) { for (cmsg = CMSG_FIRSTHDR(msg); cmsg; cmsg = CMSG_NXTHDR(msg, cmsg)) {
int addr_type; int addr_type;
struct net_device *dev = NULL;
if (!CMSG_OK(msg, cmsg)) { if (!CMSG_OK(msg, cmsg)) {
err = -EINVAL; err = -EINVAL;
@@ -522,6 +521,9 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
switch (cmsg->cmsg_type) { switch (cmsg->cmsg_type) {
case IPV6_PKTINFO: case IPV6_PKTINFO:
case IPV6_2292PKTINFO: case IPV6_2292PKTINFO:
{
struct net_device *dev = NULL;
if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct in6_pktinfo))) { if (cmsg->cmsg_len < CMSG_LEN(sizeof(struct in6_pktinfo))) {
err = -EINVAL; err = -EINVAL;
goto exit_f; goto exit_f;
@@ -535,32 +537,32 @@ int datagram_send_ctl(struct msghdr *msg, struct flowi *fl,
fl->oif = src_info->ipi6_ifindex; fl->oif = src_info->ipi6_ifindex;
} }
addr_type = ipv6_addr_type(&src_info->ipi6_addr); addr_type = __ipv6_addr_type(&src_info->ipi6_addr);
if (addr_type == IPV6_ADDR_ANY) if (fl->oif) {
break; dev = dev_get_by_index(&init_net, fl->oif);
if (addr_type & IPV6_ADDR_LINKLOCAL) {
if (!src_info->ipi6_ifindex)
return -EINVAL;
else {
dev = dev_get_by_index(&init_net, src_info->ipi6_ifindex);
if (!dev) if (!dev)
return -ENODEV; return -ENODEV;
} } else if (addr_type & IPV6_ADDR_LINKLOCAL)
} return -EINVAL;
if (addr_type != IPV6_ADDR_ANY) {
int strict = __ipv6_addr_src_scope(addr_type) <= IPV6_ADDR_SCOPE_LINKLOCAL;
if (!ipv6_chk_addr(&init_net, &src_info->ipi6_addr, if (!ipv6_chk_addr(&init_net, &src_info->ipi6_addr,
dev, 0)) { strict ? dev : NULL, 0))
if (dev)
dev_put(dev);
err = -EINVAL; err = -EINVAL;
goto exit_f; else
ipv6_addr_copy(&fl->fl6_src, &src_info->ipi6_addr);
} }
if (dev) if (dev)
dev_put(dev); dev_put(dev);
ipv6_addr_copy(&fl->fl6_src, &src_info->ipi6_addr); if (err)
goto exit_f;
break; break;
}
case IPV6_FLOWINFO: case IPV6_FLOWINFO:
if (cmsg->cmsg_len < CMSG_LEN(4)) { if (cmsg->cmsg_len < CMSG_LEN(4)) {