HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS366335

MFS r366324:
rS366335
Actions

Description

MFS r366324:
Improve the handling of receiving unordered and unreliable user
messages using DATA chunks. Don't use fsn_included when not being
sure that it is set to an appropriate value. If the default is
used, which is -1, this can result in SCTP associaitons not
making any user visible progress.

Thanks to Yutaka Takeda for reporting this issue for the the
userland stack in https://github.com/pion/sctp/issues/138.

MFS r366329:
Improve the input validation and processing of cookies.
This avoids setting the association in an inconsistent
state, which could result in a use-after-free situation.
This can be triggered by a malicious peer, if the peer
can modify the cookie without the local endpoint recognizing
it.
Thanks to Ned Williamson for reporting the issue.

Approved by: re (gjb)

Details

Provenance
tuexenAuthored on
Parents
rS366334: Tag llvm-project branch release/11.x llvmorg-11.0.0-rc5-0-g60a25202a7d.
Branches
Unknown
Tags
Unknown

Changes (4)

PathSize
releng/
12.2/
sys/
netinet/

rS366335

View Options

releng/12.2/

Loading...
View Options

releng/12.2/sys/netinet/sctp_indata.c

Loading...
View Options

releng/12.2/sys/netinet/sctp_input.c

Loading...
View Options

releng/12.2/sys/netinet/sctp_pcb.c

Loading...