Date: Tue, 20 Feb 2001 15:25:07 -0800 (PST) From: Jesper Skriver <jesper@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/netinet tcp_subr.c udp_usrreq.c Message-ID: <200102202325.f1KNP7317790@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
jesper 2001/02/20 15:25:07 PST
Modified files:
sys/netinet tcp_subr.c udp_usrreq.c
Log:
Only call in_pcbnotify if the src port number != 0, as we
treat 0 as a wildcard in src/sys/in_pbc.c:in_pcbnotify()
It's sufficient to check for src|local port, as we'll have no
sessions with src|local port == 0
Without this a attacker sending ICMP messages, where the attached
IP header (+ 8 bytes) has the address and port numbers == 0, would
have the ICMP message applied to all sessions.
PR: kern/25195
Submitted by: originally by jesper, reimplimented by jlemon's advice
Reviewed by: jlemon
Approved by: jlemon
Revision Changes Path
1.90 +15 -1 src/sys/netinet/tcp_subr.c
1.84 +14 -1 src/sys/netinet/udp_usrreq.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102202325.f1KNP7317790>