udplite: Protection against coverage value wrap-around This patch clamps the cscov setsockopt values to a maximum of 0xFFFF. Setsockopt values greater than 0xffff can cause an unwanted wrap-around. Further, IPv6 jumbograms are not supported (RFC 3838, 3.5), so that values greater than 0xffff are not even useful. Further changes: fixed a typo in the documentation. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 47112e25da41d9059626033986dc3353e101f815 [log] [tgz]
author: Gerrit Renker <gerrit@erg.abdn.ac.uk> Mon Jul 21 13:35:08 2008 -0700
committer: David S. Miller <davem@davemloft.net> Mon Jul 21 13:35:08 2008 -0700
tree: 72857968c318960ba50a4cc7232041228e8361dc
parent: 6579e57b31d79d31d9b806e41ba48774e73257dc [diff] [blame]
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index a751770..383d173 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c

@@ -1325,6 +1325,8 @@
 			return -ENOPROTOOPT;
 		if (val != 0 && val < 8) /* Illegal coverage: use default (8) */
 			val = 8;
+		else if (val > USHORT_MAX)
+			val = USHORT_MAX;
 		up->pcslen = val;
 		up->pcflag |= UDPLITE_SEND_CC;
 		break;
@@ -1337,6 +1339,8 @@
 			return -ENOPROTOOPT;
 		if (val != 0 && val < 8) /* Avoid silly minimal values.       */
 			val = 8;
+		else if (val > USHORT_MAX)
+			val = USHORT_MAX;
 		up->pcrlen = val;
 		up->pcflag |= UDPLITE_RECV_CC;
 		break;
commit	47112e25da41d9059626033986dc3353e101f815	[log] [tgz]
author	Gerrit Renker <gerrit@erg.abdn.ac.uk>	Mon Jul 21 13:35:08 2008 -0700
committer	David S. Miller <davem@davemloft.net>	Mon Jul 21 13:35:08 2008 -0700
tree	72857968c318960ba50a4cc7232041228e8361dc
parent	6579e57b31d79d31d9b806e41ba48774e73257dc [diff] [blame]