diff options
| author |   Paolo Abeni <pabeni@redhat.com> | 2016-05-13 18:33:41 +0200 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2016-05-14 15:33:32 -0400 |
| commit | 626abd59e51d4d8c6367e03aae252a8aa759ac78 (patch) | |
| tree | 82140aaabeabc172e13cf5fc78d564a93acd5a0d /net/ipv4/fib_semantics.c | |
| parent | nf_conntrack: avoid kernel pointer value leak in slab name (diff) | |
| download | linux-dev-626abd59e51d4d8c6367e03aae252a8aa759ac78.tar.xz linux-dev-626abd59e51d4d8c6367e03aae252a8aa759ac78.zip | |
net/route: enforce hoplimit max value
Currently, when creating or updating a route, no check is performed
in both ipv4 and ipv6 code to the hoplimit value.
The caller can i.e. set hoplimit to 256, and when such route will
be used, packets will be sent with hoplimit/ttl equal to 0.
This commit adds checks for the RTAX_HOPLIMIT value, in both ipv4
ipv6 route code, substituting any value greater than 255 with 255.
This is consistent with what is currently done for ADVMSS and MTU
in the ipv4 code.
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to '')
| -rw-r--r-- | net/ipv4/fib_semantics.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c index d97268e8ff10..2b68418c7198 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c @@ -975,6 +975,8 @@ fib_convert_metrics(struct fib_info *fi, const struct fib_config *cfg) val = 65535 - 40; if (type == RTAX_MTU && val > 65535 - 15) val = 65535 - 15; + if (type == RTAX_HOPLIMIT && val > 255) + val = 255; if (type == RTAX_FEATURES && (val & ~RTAX_FEATURE_MASK)) return -EINVAL; fi->fib_metrics[type - 1] = val; |