CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Michael Tuexen <tuexen@FreeBSD.org>
	Thu, 1 Oct 2020 18:17:56 +0000 (18:17 +0000)
committer	Michael Tuexen <tuexen@FreeBSD.org>
	Thu, 1 Oct 2020 18:17:56 +0000 (18:17 +0000)
commit	6a550fd843f892a861f310356dd4227896f70d45
tree	0bd4e1e1ac1bdd6d600c0e3a96bca6d10d86ab94	tree \| snapshot
parent	84b6afb5363623dcb3adb1d44f73c97ef9e23582	commit \| diff

MFS r366324:
Improve the handling of receiving unordered and unreliable user
messages using DATA chunks. Don't use fsn_included when not being
sure that it is set to an appropriate value. If the default is
used, which is -1, this can result in SCTP associaitons not
making any user visible progress.

Thanks to Yutaka Takeda for reporting this issue for the the
userland stack in https://github.com/pion/sctp/issues/138.

MFS r366329:
Improve the input validation and processing of cookies.
This avoids setting the association in an inconsistent
state, which could result in a use-after-free situation.
This can be triggered by a malicious peer, if the peer
can modify the cookie without the local endpoint recognizing
it.
Thanks to Ned Williamson for reporting the issue.

Approved by: re (gjb)

sys/netinet/sctp_indata.c		diff \| blob \| history
sys/netinet/sctp_input.c		diff \| blob \| history
sys/netinet/sctp_pcb.c		diff \| blob \| history