]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit - sys/netinet/sctp_pcb.c
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1d20d26) | patch
Improve the input validation and processing of cookies.
authortuexen <tuexen@FreeBSD.org>
Tue, 29 Sep 2020 09:36:06 +0000 (09:36 +0000)
committertuexen <tuexen@FreeBSD.org>
Tue, 29 Sep 2020 09:36:06 +0000 (09:36 +0000)
commit80448fbca05bd6be0a00ff5e8398bb4f3092319d
treeaf911c7cf1849e12d01d61a02ba8cbdb6c1c5108tree | snapshot
parent1d20d26810fe1663e4e848a3ce820703e6f01feecommit | diff
Improve the input validation and processing of cookies.
This avoids setting the association in an inconsistent
state, which could result in a use-after-free situation.
This can be triggered by a malicious peer, if the peer
can modify the cookie without the local endpoint recognizing
it.
Thanks to Ned Williamson for reporting the issue.

MFC after: 3 days
sys/netinet/sctp_input.c diff | blob | history
sys/netinet/sctp_pcb.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.