From: Wei Yongjun <yjwei@cn.fujitsu.com>
To: dccp@vger.kernel.org
Subject: [PATCH 2/4] DCCP: Add check for sequence number in ICMPv6 message
Date: Thu, 24 Jul 2008 08:48:18 +0000 [thread overview]
Message-ID: <488841D2.9040206@cn.fujitsu.com> (raw)
RFC4340 said:
ICMP Datagram Too Big messages with incorrect or missing Sequence
Numbers may be ignored, or the DCCP implementation may lower the PMTU
only temporarily in response.
This patch add the check for sequence number in ICMPv6 message.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
diff -Nurp a/net/dccp/ipv6.c b/net/dccp/ipv6.c
--- a/net/dccp/ipv6.c
+++ b/net/dccp/ipv6.c
@@ -89,6 +89,7 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
{
struct ipv6hdr *hdr = (struct ipv6hdr *)skb->data;
const struct dccp_hdr *dh = (struct dccp_hdr *)(skb->data + offset);
+ struct dccp_sock *dp;
struct ipv6_pinfo *np;
struct sock *sk;
int err;
@@ -115,6 +116,14 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
if (sk->sk_state = DCCP_CLOSED)
goto out;
+ dp = dccp_sk(sk);
+ seq = dccp_hdr_seq(dh);
+ if ((1 << sk->sk_state) & ~(DCCPF_REQUESTING | DCCPF_LISTEN) &&
+ !between48(seq, dp->dccps_awl, dp->dccps_awh)) {
+ NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
+ goto out;
+ }
+
np = inet6_sk(sk);
if (type = ICMPV6_PKT_TOOBIG) {
@@ -167,7 +176,6 @@ static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
icmpv6_err_convert(type, code, &err);
- seq = dccp_hdr_seq(dh);
/* Might be for an request_sock */
switch (sk->sk_state) {
struct request_sock *req, **prev;
next reply other threads:[~2008-07-24 8:48 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-24 8:48 Wei Yongjun [this message]
2008-07-24 20:13 ` [PATCH 2/4] DCCP: Add check for sequence number in ICMPv6 Gerrit Renker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=488841D2.9040206@cn.fujitsu.com \
--to=yjwei@cn.fujitsu.com \
--cc=dccp@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.