author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 1998-02-25 03:45:16 +0000 |
---|---|---|
committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 1998-02-25 03:45:16 +0000 |
commit | 8852002e7b34d24cf92393ceff8a1085f073edfe (patch) | |
tree | a484fc41738048a53736307c1f41aa26ef7558c8 /sys | |
parent | da7cdb3381c409c4b29e1af9c4a90fe9060e5285 (diff) |
Disallow TCP connects to 255.255.255.255 or local broadcast addresses.
Diffstat (limited to 'sys')
-rw-r--r-- | sys/netinet/in.c | 24 | ||||
-rw-r--r-- | sys/netinet/tcp_usrreq.c | 11 |
2 files changed, 30 insertions, 5 deletions
diff --git a/sys/netinet/in.c b/sys/netinet/in.c index 15dc3692352..a452495ee9e 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in.c,v 1.3 1996/09/12 06:04:47 tholo Exp $ */ +/* $OpenBSD: in.c,v 1.4 1998/02/25 03:45:14 angelos Exp $ */ /* $NetBSD: in.c,v 1.26 1996/02/13 23:41:39 christos Exp $ */ /* @@ -431,19 +431,35 @@ in_broadcast(in, ifp) struct in_addr in; struct ifnet *ifp; { + struct ifnet *ifn, *if_first, *if_target; register struct ifaddr *ifa; if (in.s_addr == INADDR_BROADCAST || in.s_addr == INADDR_ANY) return 1; - if ((ifp->if_flags & IFF_BROADCAST) == 0) + if (ifp && ((ifp->if_flags & IFF_BROADCAST) == 0)) return 0; + + if (ifp == NULL) + { + if_first = ifnet.tqh_first; + if_target = 0; + } + else + { + if_first = ifp; + if_target = ifp->if_list.tqe_next; + } + +#define ia (ifatoia(ifa)) /* * Look through the list of addresses for a match * with a broadcast address. + * If ifp is NULL, check against all the local interfaces. */ -#define ia (ifatoia(ifa)) - for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa->ifa_list.tqe_next) + for (ifn = if_first; ifn != if_target; ifn = ifn->if_list.tqe_next) + for (ifa = ifp->if_addrlist.tqh_first; ifa; + ifa = ifa->ifa_list.tqe_next) if (ifa->ifa_addr->sa_family == AF_INET && (in.s_addr == ia->ia_broadaddr.sin_addr.s_addr || in.s_addr == ia->ia_netbroadcast.s_addr || diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 50df2eea2af..14f360265bd 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tcp_usrreq.c,v 1.16 1998/01/24 18:21:39 mickey Exp $ */ +/* $OpenBSD: tcp_usrreq.c,v 1.17 1998/02/25 03:45:15 angelos Exp $ */ /* $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */ /* @@ -90,6 +90,7 @@ tcp_usrreq(so, req, m, nam, control) int req; struct mbuf *m, *nam, *control; { + struct sockaddr_in *sin = mtod(nam, struct sockaddr_in *); register struct inpcb *inp; register struct tcpcb *tp = NULL; int s; 
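Review bot: In the `@@ -431,19 +431,35 @@` hunk of in_broadcast(), the new outer loop walks interfaces with `ifn`, but the inner loop still starts from `ifp->if_addrlist.tqh_first`, so the new `ifp == NULL` case dereferences a null pointer in the kernel instead of scanning every interface. The inner loop should read `for (ifa = ifn->if_addrlist.tqh_first; ifa;`. The NULL path also skips the `IFF_BROADCAST` test that the single-interface path applies, so each interface probably needs `if ((ifn->if_flags & IFF_BROADCAST) == 0) continue;` before its addresses are compared; otherwise `ia_broadaddr` may be compared on interfaces where it does not hold a broadcast address (to be confirmed against in_var.h). The nested `for` loops would need braces for that, and the loop body continues past the end of the hunk.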
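Review bot: In the `@@ -90,6 +90,7 @@` hunk of tcp_usrreq(), `sin` is initialised with `mtod(nam, struct sockaddr_in *)` at function entry, so `nam` is dereferenced for every request type, not only PRU_CONNECT. If any request reaches this function with `nam` NULL, or with `nam` carrying something other than an address mbuf (likely for requests that take no address, but the callers are not on this page), that is a null or stray read in the kernel. Declare `struct sockaddr_in *sin;` here and assign `sin = mtod(nam, struct sockaddr_in *);` inside the PRU_CONNECT case, next to its only use. The function body starts before and continues after this hunk.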
@@ -189,6 +190,13 @@ tcp_usrreq(so, req, m, nam, control) * Send initial segment on connection. */ case PRU_CONNECT: + /* Trying to connect to some broadcast address */ + if (in_broadcast(sin->sin_addr, NULL)) + { + error = EINVAL; + break; + } + if (inp->inp_lport == 0) { error = in_pcbbind(inp, NULL); if (error) @@ -197,6 +205,7 @@ tcp_usrreq(so, req, m, nam, control) error = in_pcbconnect(inp, nam); if (error) break; + tp->t_template = tcp_template(tp); if (tp->t_template == 0) { in_pcbdisconnect(inp); |
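Review bot: The new check in PRU_CONNECT reads `sin->sin_addr` before anything visible in this hunk has validated `nam`: its length and address family are not checked until later (presumably inside in_pcbconnect()), so a short or non-AF_INET sockaddr supplied by the caller is interpreted as an IPv4 address here. A guard such as `if (nam->m_len != sizeof(*sin) || sin->sin_family != AF_INET) { error = EINVAL; break; }` ahead of the in_broadcast() call would close that. in_broadcast() also returns 1 for `INADDR_ANY`, so connect() to 0.0.0.0 now fails with EINVAL; if only broadcast destinations are meant to be refused, as the commit message says, that case should be excluded or named in the comment. The opening brace on its own line also differs from the `if (...) {` style of the neighbouring lines.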