| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 5 Jun 2016 12:19:23 +0200 From: Willy Tarreau <w@....eu> To: linux-kernel@...r.kernel.org, stable@...r.kernel.org Cc: Xin Long <lucien.xin@...il.com>, "David S . Miller" <davem@...emloft.net>, Willy Tarreau <w@....eu> Subject: [PATCH 3.10 060/143] sctp: lack the check for ports in sctp_v6_cmp_addr From: Xin Long <lucien.xin@...il.com> commit 40b4f0fd74e46c017814618d67ec9127ff20f157 upstream. As the member .cmp_addr of sctp_af_inet6, sctp_v6_cmp_addr should also check the port of addresses, just like sctp_v4_cmp_addr, cause it's invoked by sctp_cmp_addr_exact(). Now sctp_v6_cmp_addr just check the port when two addresses have different family, and lack the port check for two ipv6 addresses. that will make sctp_hash_cmp() cannot work well. so fix it by adding ports comparison in sctp_v6_cmp_addr(). Signed-off-by: Xin Long <lucien.xin@...il.com> Signed-off-by: David S. Miller <davem@...emloft.net> Signed-off-by: Willy Tarreau <w@....eu> --- net/sctp/ipv6.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index bee032a..10d3e28 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c @@ -520,6 +520,8 @@ static int sctp_v6_cmp_addr(const union sctp_addr *addr1, } return 0; } + if (addr1->v6.sin6_port != addr2->v6.sin6_port) + return 0; if (!ipv6_addr_equal(&addr1->v6.sin6_addr, &addr2->v6.sin6_addr)) return 0; /* If this is a linklocal address, compare the scope_id. */ -- 2.8.0.rc2.1.gbe9624a
Powered by blists - more mailing lists