sctp: check for ipv6_pinfo legal sndflow with flowlabel in sctp_v6_get_dst

The transport with illegal flowlabel should not be allowed to send
packets. Other transport protocols already denies this.

Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 38102bf..fc6c5e4 100644 (file)
--- a/net/sctp/ipv6.c
+++ b/net/sctp/ipv6.c
@@ -262,6 +262,15 @@ static void sctp_v6_get_dst(struct sctp_transport *t, union sctp_addr *saddr,
        if (t->flowlabel & SCTP_FLOWLABEL_SET_MASK)
                fl6->flowlabel = htonl(t->flowlabel & SCTP_FLOWLABEL_VAL_MASK);
 
+       if (np->sndflow && (fl6->flowlabel & IPV6_FLOWLABEL_MASK)) {
+               struct ip6_flowlabel *flowlabel;
+
+               flowlabel = fl6_sock_lookup(sk, fl6->flowlabel);
+               if (!flowlabel)
+                       goto out;
+               fl6_sock_release(flowlabel);
+       }
+
        pr_debug("%s: dst=%pI6 ", __func__, &fl6->daddr);
 
        if (asoc)