From: Paul Gortmaker <paul.gortmaker@windriver.com>
To: <davem@davemloft.net>
Cc: <netdev@vger.kernel.org>, <allan.stephens@windriver.com>,
<jon.maloy@ericsson.com>, <erik.hugne@ericsson.com>,
<ying.xue@windriver.com>
Subject: [PATCH net-next 09/10] tipc: Reject payload messages with invalid message type
Date: Mon, 30 Apr 2012 18:37:07 -0400 [thread overview]
Message-ID: <1335825428-16053-10-git-send-email-paul.gortmaker@windriver.com> (raw)
In-Reply-To: <1335825428-16053-1-git-send-email-paul.gortmaker@windriver.com>
From: Allan Stephens <allan.stephens@windriver.com>
Adds check to ensure TIPC sockets reject incoming payload messages
that have an unrecognized message type.
Remove the old open question about whether TIPC_ERR_NO_PORT is
the proper return value. It is appropriate here since there are
valid instances where another node can make use of the reply,
and at this point in time the host is already broadcasting TIPC
data, so there are no real security concerns.
Signed-off-by: Allan Stephens <allan.stephens@windriver.com>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
---
net/tipc/socket.c | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 6d4991e..3c00b40 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -1223,11 +1223,8 @@ static u32 filter_rcv(struct sock *sk, struct sk_buff *buf)
/* Reject message if it is wrong sort of message for socket */
- /*
- * WOULD IT BE BETTER TO JUST DISCARD THESE MESSAGES INSTEAD?
- * "NO PORT" ISN'T REALLY THE RIGHT ERROR CODE, AND THERE MAY
- * BE SECURITY IMPLICATIONS INHERENT IN REJECTING INVALID TRAFFIC
- */
+ if (msg_type(msg) > TIPC_DIRECT_MSG)
+ return TIPC_ERR_NO_PORT;
if (sock->state == SS_READY) {
if (msg_connected(msg))
--
1.7.9.6
next prev parent reply other threads:[~2012-04-30 22:37 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-30 22:36 [PATCH net-next 00/10] tipc: last batch from the sourceforge queue Paul Gortmaker
2012-04-30 22:36 ` [PATCH net-next 01/10] tipc: Optimize re-initialization of configuration service Paul Gortmaker
2012-04-30 22:37 ` [PATCH net-next 02/10] tipc: Optimize initialization " Paul Gortmaker
2012-04-30 22:37 ` [PATCH net-next 03/10] tipc: Optimize termination " Paul Gortmaker
2012-04-30 22:37 ` [PATCH net-next 04/10] tipc: Enhance re-initialization of network topology service Paul Gortmaker
2012-04-30 22:37 ` [PATCH net-next 05/10] tipc: Optimize initialization " Paul Gortmaker
2012-04-30 22:37 ` [PATCH net-next 06/10] tipc: remove redundant memset and stale comment from subscr.c Paul Gortmaker
2012-04-30 22:37 ` [PATCH net-next 07/10] tipc: Create helper routine to delete unused name sequence structure Paul Gortmaker
2012-04-30 22:37 ` [PATCH net-next 08/10] tipc: Enhance error checking of published names Paul Gortmaker
2012-04-30 22:37 ` Paul Gortmaker [this message]
2012-04-30 22:37 ` [PATCH net-next 10/10] tipc: compress out gratuitous extra carriage returns Paul Gortmaker
2012-05-01 1:45 ` [PATCH net-next 00/10] tipc: last batch from the sourceforge queue David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1335825428-16053-10-git-send-email-paul.gortmaker@windriver.com \
--to=paul.gortmaker@windriver.com \
--cc=allan.stephens@windriver.com \
--cc=davem@davemloft.net \
--cc=erik.hugne@ericsson.com \
--cc=jon.maloy@ericsson.com \
--cc=netdev@vger.kernel.org \
--cc=ying.xue@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).