leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5762d7d3ed
linux/net/sctp
History
Xin Long c5006b8aa7 sctp: do not allow the v4 socket to bind a v4mapped v6 address 
The check in sctp_sockaddr_af is not robust enough to forbid binding a
v4mapped v6 addr on a v4 socket.

The worse thing is that v4 socket's bind_verify would not convert this
v4mapped v6 addr to a v4 addr. syzbot even reported a crash as the v4
socket bound a v6 addr.

This patch is to fix it by doing the common sa.sa_family check first,
then AF_INET check for v4mapped v6 addrs.

Fixes: 7dab83de50 ("sctp: Support ipv6only AF_INET6 sockets.")
Reported-by: syzbot+7b7b518b1228d2743963@syzkaller.appspotmail.com
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-01-16 14:24:20 -05:00
..
associola.c net: sctp: Convert timers to use timer_setup() 2017-10-25 12:02:09 +09:00
auth.c sctp: remove the typedef sctp_hmac_algo_param_t 2017-07-16 20:52:14 -07:00
bind_addr.c sctp: remove the typedef sctp_scope_t 2017-08-06 21:33:41 -07:00
chunk.c sctp: do not abandon the other frags in unsent outq if one msg has outstanding frags 2017-12-01 15:06:24 -05:00
debug.c sctp: add SCTP_CID_RECONF conversion in sctp_cname 2017-12-18 13:21:46 -05:00
endpointola.c sctp: remove the typedef sctp_subtype_t 2017-08-06 21:33:42 -07:00
input.c sctp: fix the handling of ICMP Frag Needed for too small MTUs 2018-01-08 14:19:13 -05:00
inqueue.c sctp: remove the typedef sctp_chunkhdr_t 2017-07-01 09:08:41 -07:00
ipv6.c sctp: avoid compiler warning on implicit fallthru 2018-01-15 13:56:13 -05:00
Kconfig sctp: add the sctp_diag.c file 2016-04-15 17:29:36 -04:00
Makefile Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00
objcnt.c sctp: remove the typedef sctp_dbg_objcnt_entry_t 2017-08-11 10:02:43 -07:00
offload.c net: use skb->csum_not_inet to identify packets needing crc32c 2017-05-19 19:21:29 -04:00
output.c sctp: remove the typedef sctp_xmit_t 2017-08-06 21:33:42 -07:00
outqueue.c sctp: avoid compiler warning on implicit fallthru 2018-01-15 13:56:13 -05:00
primitive.c sctp: remove the typedef sctp_subtype_t 2017-08-06 21:33:42 -07:00
probe.c sctp: remove the typedef sctp_disposition_t 2017-08-11 10:02:44 -07:00
proc.c net: convert sock.sk_wmem_alloc from atomic_t to refcount_t 2017-07-01 07:39:08 -07:00
protocol.c sctp: remove extern from stream sched 2017-11-28 11:00:13 -05:00
sctp_diag.c sctp: Fix a big endian bug in sctp_diag_dump() 2017-09-26 21:16:29 -07:00
sm_make_chunk.c sctp: check stream reset info len before making reconf chunk 2017-11-16 10:49:00 +09:00
sm_sideeffect.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-10-30 21:09:24 +09:00
sm_statefuns.c sctp: remove the typedef sctp_disposition_t 2017-08-11 10:02:44 -07:00
sm_statetable.c sctp: remove the typedef sctp_sm_table_entry_t 2017-08-11 10:02:44 -07:00
socket.c sctp: do not allow the v4 socket to bind a v4mapped v6 address 2018-01-16 14:24:20 -05:00
stream_sched_prio.c sctp: remove extern from stream sched 2017-11-28 11:00:13 -05:00
stream_sched_rr.c sctp: remove extern from stream sched 2017-11-28 11:00:13 -05:00
stream_sched.c sctp: remove extern from stream sched 2017-11-28 11:00:13 -05:00
stream.c sctp: fix error path in sctp_stream_init 2018-01-03 11:29:42 -05:00
sysctl.c sctp: remove the typedef sctp_scope_policy_t 2017-08-06 21:33:41 -07:00
transport.c sctp: fix the handling of ICMP Frag Needed for too small MTUs 2018-01-08 14:19:13 -05:00
tsnmap.c sctp: Fix FSF address in file headers 2013-12-06 12:37:56 -05:00
ulpevent.c sctp: fix some type cast warnings introduced by stream reconf 2017-10-29 18:03:24 +09:00
ulpqueue.c sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege 2017-12-18 13:21:46 -05:00