From: Vlad Yasevich <vyasevich@gmail•com>
To: Daniel Borkmann <dborkman@redhat•com>
Cc: davem@davemloft•net, linux-sctp@vger•kernel.org, netdev@vger•kernel.org
Subject: Re: [PATCH net] net: sctp: sctp_v6_get_dst: fix boolean test in dst cache
Date: Tue, 12 Feb 2013 20:13:08 -0500 [thread overview]
Message-ID: <511AE8A4.4060608@gmail.com> (raw)
In-Reply-To: <4a07201201d7bac08468d17dea3dbc1ea9a67205.1360709645.git.dborkman@redhat.com>
On 02/12/2013 06:30 PM, Daniel Borkmann wrote:
> We walk through the bind address list and try to get the best source
> address for a given destination. However, currently, we take the
> 'continue' path of the loop when an entry is invalid (!laddr->valid)
> *and* the entry state does not equal SCTP_ADDR_SRC (laddr->state !=
> SCTP_ADDR_SRC).
>
> Thus, still, invalid entries with SCTP_ADDR_SRC might not 'continue'
> as well as valid entries with SCTP_ADDR_{NEW, SRC, DEL}, with a possible
> false baddr and matchlen as a result, causing in worst case dst route
> to be false or possibly NULL.
>
> This test should actually be a '||' instead of '&&'. But lets fix it
> and make this a bit easier to read by having the condition the same way
> as similarly done in sctp_v4_get_dst.
>
> Signed-off-by: Daniel Borkmann <dborkman@redhat•com>
It uses || everywhere else except this one case. I don't know what I
was thinking when I wrote that one.... :)
Acked-by: Vlad Yasevich <vyasevich@gmail•com>
> ---
> net/sctp/ipv6.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
> index f3f0f4d..391a245 100644
> --- a/net/sctp/ipv6.c
> +++ b/net/sctp/ipv6.c
> @@ -326,9 +326,10 @@ static void sctp_v6_get_dst(struct sctp_transport *t, union sctp_addr *saddr,
> */
> rcu_read_lock();
> list_for_each_entry_rcu(laddr, &bp->address_list, list) {
> - if (!laddr->valid && laddr->state != SCTP_ADDR_SRC)
> + if (!laddr->valid)
> continue;
> - if ((laddr->a.sa.sa_family == AF_INET6) &&
> + if ((laddr->state == SCTP_ADDR_SRC) &&
> + (laddr->a.sa.sa_family == AF_INET6) &&
> (scope <= sctp_scope(&laddr->a))) {
> bmatchlen = sctp_v6_addr_match_len(daddr, &laddr->a);
> if (!baddr || (matchlen < bmatchlen)) {
>
next prev parent reply other threads:[~2013-02-13 1:13 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cover.1360709645.git.dborkman@redhat.com>
2013-02-12 23:30 ` [PATCH net] net: sctp: sctp_v6_get_dst: fix boolean test in dst cache Daniel Borkmann
2013-02-13 1:13 ` Vlad Yasevich [this message]
2013-02-13 12:02 ` Neil Horman
2013-02-13 18:42 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=511AE8A4.4060608@gmail.com \
--to=vyasevich@gmail$(echo .)com \
--cc=davem@davemloft$(echo .)net \
--cc=dborkman@redhat$(echo .)com \
--cc=linux-sctp@vger$(echo .)kernel.org \
--cc=netdev@vger$(echo .)kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox