diff options
| author | tuexen <tuexen@FreeBSD.org> | 2016-01-16 18:00:47 +0000 |
|---|---|---|
| committer | tuexen <tuexen@FreeBSD.org> | 2016-01-16 18:00:47 +0000 |
| commit | 0abbe1fceeb5919dce86b60b04ed201a26be8fa9 (patch) | |
| tree | d4c6a8f9ff9c3e3c63d89de0289bf1daf813601f /sys | |
| parent | 22f077551bb229c4d0c2837f571c7ed607404981 (diff) | |
| download | FreeBSD-src-0abbe1fceeb5919dce86b60b04ed201a26be8fa9.zip FreeBSD-src-0abbe1fceeb5919dce86b60b04ed201a26be8fa9.tar.gz | |
MFC r290023:
When processing a cookie, any mismatch in port numbers or the vtag results
in failing the check.
This fixes https://github.com/nplab/ETSI-SCTP-Conformance-Testsuite/blob/master/sctp-imh-tests/sctp-imh-i-3-3.pkt
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/netinet/sctp_input.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netinet/sctp_input.c b/sys/netinet/sctp_input.c index e1d8af7..4ce6909 100644 --- a/sys/netinet/sctp_input.c +++ b/sys/netinet/sctp_input.c @@ -2435,8 +2435,8 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset, cookie_offset = offset + sizeof(struct sctp_chunkhdr); cookie_len = ntohs(cp->ch.chunk_length); - if ((cookie->peerport != sh->src_port) && - (cookie->myport != sh->dest_port) && + if ((cookie->peerport != sh->src_port) || + (cookie->myport != sh->dest_port) || (cookie->my_vtag != sh->v_tag)) { /* * invalid ports or bad tag. Note that we always leave the |
