On Fri, Feb 03, 2017 at 05:37:06PM +0800, Xin Long wrote: > This patch is to check if asoc->peer.prsctp_capable is set before > processing fwd tsn chunk, if not, it will return an ERROR to the > peer, just as rfc3758 section 3.3.1 demands. > > Reported-by: Julian Cordes <julian.cordes@xxxxxxxxx> > Signed-off-by: Xin Long <lucien.xin@xxxxxxxxx> > --- > net/sctp/sm_statefuns.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c > index 782e579..d8798dd 100644 > --- a/net/sctp/sm_statefuns.c > +++ b/net/sctp/sm_statefuns.c > @@ -3867,6 +3867,9 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn(struct net *net, > return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); > } > > + if (!asoc->peer.prsctp_capable) > + return sctp_sf_unk_chunk(net, ep, asoc, type, arg, commands); > + > /* Make sure that the FORWARD_TSN chunk has valid length. */ > if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_fwdtsn_chunk))) > return sctp_sf_violation_chunklen(net, ep, asoc, type, arg, > @@ -3935,6 +3938,9 @@ sctp_disposition_t sctp_sf_eat_fwd_tsn_fast( > return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); > } > > + if (!asoc->peer.prsctp_capable) > + return sctp_sf_unk_chunk(net, ep, asoc, type, arg, commands); > + > /* Make sure that the FORWARD_TSN chunk has a valid length. */ > if (!sctp_chunk_length_valid(chunk, sizeof(struct sctp_fwdtsn_chunk))) > return sctp_sf_violation_chunklen(net, ep, asoc, type, arg, > -- > 2.1.0 > > Acked-by: Neil Horman <nhorman@xxxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
