diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-09-16 21:06:10 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2008-09-16 21:06:10 +0200 |
commit | 406737e5aa38f90b01aebe2f6295e7b4ef828220 (patch) | |
tree | ce79ff0f4002934cfe85aee5effc5c9b02043753 | |
parent | 8baf83a1170d00dec1ff6b91ab6b66bb3eb064df (diff) | |
download | conntrack-tools-406737e5aa38f90b01aebe2f6295e7b4ef828220.tar.gz conntrack-tools-406737e5aa38f90b01aebe2f6295e7b4ef828220.zip |
ftfw: check for malformed ack and nack messages
This patch checks that the [from, to] interval of ack and nack messages
is OK. In other words, we check that: to >= from
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/sync-ftfw.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/sync-ftfw.c b/src/sync-ftfw.c index 42005c4..cc8a08c 100644 --- a/src/sync-ftfw.c +++ b/src/sync-ftfw.c @@ -302,6 +302,10 @@ static int digest_msg(const struct nethdr *net) dprint("ACK(%u): from seq=%u to seq=%u\n", h->seq, h->from, h->to); + + if (before(h->to, h->from)) + return MSG_BAD; + rs_list_empty(STATE_SYNC(internal), h->from, h->to); queue_iterate(rs_queue, h, rs_queue_empty); return MSG_CTL; @@ -311,6 +315,10 @@ static int digest_msg(const struct nethdr *net) dprint("NACK(%u): from seq=%u to seq=%u\n", nack->seq, nack->from, nack->to); + + if (before(nack->to, nack->from)) + return MSG_BAD; + rs_list_to_tx(STATE_SYNC(internal), nack->from, nack->to); queue_iterate(rs_queue, nack, rs_queue_to_tx); return MSG_CTL; |