From: stephen hemminger Date: Fri, 22 Jul 2011 07:47:07 +0000 (+0000) Subject: bridge: ignore bogus STP config packets X-Git-Tag: firefly_0821_release~3680^2~4947^2~29 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=0652cac22ce3fa0c90e35d0a2862969fc394cb02;p=firefly-linux-kernel-4.4.55.git bridge: ignore bogus STP config packets If the message_age is already greater than the max_age, then the BPDU is bogus. Linux won't generate BPDU, but conformance tester or buggy implementation might. Signed-off-by: Stephen Hemminger Signed-off-by: David S. Miller --- diff --git a/net/bridge/br_stp_bpdu.c b/net/bridge/br_stp_bpdu.c index 289646ec9b7b..b69232b3718b 100644 --- a/net/bridge/br_stp_bpdu.c +++ b/net/bridge/br_stp_bpdu.c @@ -210,6 +210,17 @@ void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb, bpdu.hello_time = br_get_ticks(buf+28); bpdu.forward_delay = br_get_ticks(buf+30); + if (bpdu.message_age > bpdu.max_age) { + if (net_ratelimit()) + br_notice(p->br, + "port %u config from %pM" + " (message_age %ul > max_age %ul)\n", + p->port_no, + eth_hdr(skb)->h_source, + bpdu.message_age, bpdu.max_age); + goto out; + } + br_received_config_bpdu(p, &bpdu); }