diff options
Diffstat (limited to 'net/netfilter/nf_conntrack_proto_sctp.c')
-rw-r--r-- | net/netfilter/nf_conntrack_proto_sctp.c | 29 |
1 files changed, 13 insertions, 16 deletions
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c index db87af41c342..b841a8aeee7c 100644 --- a/net/netfilter/nf_conntrack_proto_sctp.c +++ b/net/netfilter/nf_conntrack_proto_sctp.c @@ -202,7 +202,7 @@ static int do_basic_checks(struct nf_conn *ct, unsigned long *map) { u_int32_t offset, count; - sctp_chunkhdr_t _sch, *sch; + struct sctp_chunkhdr _sch, *sch; int flag; flag = 0; @@ -397,7 +397,7 @@ static int sctp_packet(struct nf_conn *ct, sch->type == SCTP_CID_INIT_ACK) { sctp_inithdr_t _inithdr, *ih; - ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), + ih = skb_header_pointer(skb, offset + sizeof(_sch), sizeof(_inithdr), &_inithdr); if (ih == NULL) goto out_unlock; @@ -471,23 +471,20 @@ static bool sctp_new(struct nf_conn *ct, const struct sk_buff *skb, /* Copy the vtag into the state info */ if (sch->type == SCTP_CID_INIT) { - if (sh->vtag == 0) { - sctp_inithdr_t _inithdr, *ih; + sctp_inithdr_t _inithdr, *ih; + /* Sec 8.5.1 (A) */ + if (sh->vtag) + return false; - ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), - sizeof(_inithdr), &_inithdr); - if (ih == NULL) - return false; + ih = skb_header_pointer(skb, offset + sizeof(_sch), + sizeof(_inithdr), &_inithdr); + if (!ih) + return false; - pr_debug("Setting vtag %x for new conn\n", - ih->init_tag); + pr_debug("Setting vtag %x for new conn\n", + ih->init_tag); - ct->proto.sctp.vtag[IP_CT_DIR_REPLY] = - ih->init_tag; - } else { - /* Sec 8.5.1 (A) */ - return false; - } + ct->proto.sctp.vtag[IP_CT_DIR_REPLY] = ih->init_tag; } else if (sch->type == SCTP_CID_HEARTBEAT) { pr_debug("Setting vtag %x for secondary conntrack\n", sh->vtag); |