mirror of
https://github.com/torvalds/linux.git
synced 2024-12-26 04:42:12 +00:00
[IGMP]: workaround for IGMP v1/v2 bug
From: David Stevens <dlstevens@us.ibm.com> As explained at: http://www.cs.ucsb.edu/~krishna/igmp_dos/ With IGMP version 1 and 2 it is possible to inject a unicast report to a client which will make it ignore multicast reports sent later by the router. The fix is to only accept the report if is was sent to a multicast or unicast address. Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
bf031fff1f
commit
24c6927505
@ -897,7 +897,10 @@ int igmp_rcv(struct sk_buff *skb)
|
|||||||
/* Is it our report looped back? */
|
/* Is it our report looped back? */
|
||||||
if (((struct rtable*)skb->dst)->fl.iif == 0)
|
if (((struct rtable*)skb->dst)->fl.iif == 0)
|
||||||
break;
|
break;
|
||||||
igmp_heard_report(in_dev, ih->group);
|
/* don't rely on MC router hearing unicast reports */
|
||||||
|
if (skb->pkt_type == PACKET_MULTICAST ||
|
||||||
|
skb->pkt_type == PACKET_BROADCAST)
|
||||||
|
igmp_heard_report(in_dev, ih->group);
|
||||||
break;
|
break;
|
||||||
case IGMP_PIM:
|
case IGMP_PIM:
|
||||||
#ifdef CONFIG_IP_PIMSM_V1
|
#ifdef CONFIG_IP_PIMSM_V1
|
||||||
|
@ -1231,6 +1231,11 @@ int igmp6_event_report(struct sk_buff *skb)
|
|||||||
if (skb->pkt_type == PACKET_LOOPBACK)
|
if (skb->pkt_type == PACKET_LOOPBACK)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
/* send our report if the MC router may not have heard this report */
|
||||||
|
if (skb->pkt_type != PACKET_MULTICAST &&
|
||||||
|
skb->pkt_type != PACKET_BROADCAST)
|
||||||
|
return 0;
|
||||||
|
|
||||||
if (!pskb_may_pull(skb, sizeof(struct in6_addr)))
|
if (!pskb_may_pull(skb, sizeof(struct in6_addr)))
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user