[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <lsq.1507553065.313449561@decadent.org.uk>
Date: Mon, 09 Oct 2017 13:44:25 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org, "Paolo Abeni" <pabeni@...hat.com>,
"David S. Miller" <davem@...emloft.net>
Subject: [PATCH 3.16 140/192] net/route: enforce hoplimit max value
3.16.49-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Paolo Abeni <pabeni@...hat.com>
[ Upstream commit 626abd59e51d4d8c6367e03aae252a8aa759ac78 ]
Currently, when creating or updating a route, no check is performed
in both ipv4 and ipv6 code to the hoplimit value.
The caller can i.e. set hoplimit to 256, and when such route will
be used, packets will be sent with hoplimit/ttl equal to 0.
This commit adds checks for the RTAX_HOPLIMIT value, in both ipv4
ipv6 route code, substituting any value greater than 255 with 255.
This is consistent with what is currently done for ADVMSS and MTU
in the ipv4 code.
Signed-off-by: Paolo Abeni <pabeni@...hat.com>
Signed-off-by: David S. Miller <davem@...emloft.net>
[bwh: Backported to 3.16: for IPv6, add the check to fib6_commit_metrics()]
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
--- a/net/ipv4/fib_semantics.c
+++ b/net/ipv4/fib_semantics.c
@@ -862,6 +862,8 @@ struct fib_info *fib_create_info(struct
val = 65535 - 40;
if (type == RTAX_MTU && val > 65535 - 15)
val = 65535 - 15;
+ if (type == RTAX_HOPLIMIT && val > 255)
+ val = 255;
fi->fib_metrics[type - 1] = val;
}
}
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -653,10 +653,14 @@ static int fib6_commit_metrics(struct ds
int type = nla_type(nla);
if (type) {
+ u32 val = nla_get_u32(nla);
+
if (type > RTAX_MAX)
return -EINVAL;
- mp[type - 1] = nla_get_u32(nla);
+ if (type == RTAX_HOPLIMIT && val > 255)
+ val = 255;
+ mp[type - 1] = val;
}
}
return 0;
Powered by blists - more mailing lists