lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 11 Jul 2008 11:21:13 -0400
From:	Neil Horman <nhorman@...driver.com>
To:	netdev@...r.kernel.org
Cc:	nhorman@...driver.com, davem@...emloft.net, kuznet@....inr.ac.ru,
	pekkas@...core.fi, jmorris@...ei.org, yoshfuji@...ux-ipv6.org,
	kaber@...sh.net
Subject: [PATCH] IPv4 Multicast: prevent reception of mcast frames from
	unjoined groups

The current ipv4 multicast code incorrectly allows frames destined to any
multicast group to be received on any socket that is bound to INADDR_ANY,
regardless of weather or not that socket is subscribed to that group.  The
problem is in the ip_mc_sf_allow function.  If a multicast frame enters that
function, and no maching address is found on the passed in interfaces mc_list,
it returns 1, which causes the frame to be delivered.  It should instead return
0, whcih causes the calling function to skip delivery to the passed in socket.
Tested successfully by myself and the reporter.

Regards
Neil

Signed-off-by: Neil Horman <nhorman@...driver.com>



igmp.c |   13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
index 2769dc4..bf54d39 100644
--- a/net/ipv4/igmp.c
+++ b/net/ipv4/igmp.c
@@ -2215,6 +2215,9 @@ int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr, int dif)
 	struct ip_sf_socklist *psl;
 	int i;
 
+	if (ipv4_is_lbcast(loc_addr))
+		return 1;
+
 	if (!ipv4_is_multicast(loc_addr))
 		return 1;
 
@@ -2223,8 +2226,14 @@ int ip_mc_sf_allow(struct sock *sk, __be32 loc_addr, __be32 rmt_addr, int dif)
 		    pmc->multi.imr_ifindex == dif)
 			break;
 	}
-	if (!pmc)
-		return 1;
+	if (!pmc) {
+		/*
+		 * We aren't explicitly added to any mc group
+		 * so don't deliver
+		 */
+		return 0;
+	}
+
 	psl = pmc->sflist;
 	if (!psl)
 		return pmc->sfmode == MCAST_EXCLUDE;
-- 
/****************************************************
 * Neil Horman <nhorman@...driver.com>
 * Software Engineer, Red Hat
 ****************************************************/
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ