aboutsummaryrefslogtreecommitdiff
path: root/net/netfilter
diff options
context:
space:
mode:
authorWei Yongjun <yjwei@cn.fujitsu.com>2008-02-05 23:35:04 +0900
committerVlad Yasevich <vladislav.yasevich@hp.com>2008-02-06 21:27:39 -0500
commita869981423b96045c49420a6884c72528836cea8 (patch)
treef8f97758febdd52e19bc4c27c566a9ba3027e359 /net/netfilter
parentb46ae36de451212d253f31112338517753739191 (diff)
[SCTP]: Fix kernel panic while received ASCONF chunk with bad serial number
While recevied ASCONF chunk with serial number less then needed, kernel will treat this chunk as a retransmitted ASCONF chunk and find cached ASCONF-ACK chunk used sctp_assoc_lookup_asconf_ack(). But this function will always return NO-NULL. So response with cached ASCONF-ACKs chunk will cause kernel panic. In function sctp_assoc_lookup_asconf_ack(), if the cached ASCONF-ACKs list asconf_ack_list is empty, or if the serial being requested does not exists, the function as it currectly stands returns the actuall list_head asoc->asconf_ack_list, this is not a cache ASCONF-ACK chunk but a bogus pointer. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Diffstat (limited to 'net/netfilter')
0 files changed, 0 insertions, 0 deletions