diff options
author | stephen hemminger <shemminger@vyatta.com> | 2011-07-22 09:47:07 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2011-07-23 02:01:12 +0200 |
commit | 0652cac22ce3fa0c90e35d0a2862969fc394cb02 (patch) | |
tree | cb4aa33271758c13924999dd43fc32664f212b1b /net | |
parent | bridge: send proper message_age in config BPDU (diff) | |
download | linux-0652cac22ce3fa0c90e35d0a2862969fc394cb02.tar.xz linux-0652cac22ce3fa0c90e35d0a2862969fc394cb02.zip |
bridge: ignore bogus STP config packets
If the message_age is already greater than the max_age, then the
BPDU is bogus. Linux won't generate BPDU, but conformance tester
or buggy implementation might.
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/bridge/br_stp_bpdu.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/net/bridge/br_stp_bpdu.c b/net/bridge/br_stp_bpdu.c index 289646ec9b7b..b69232b3718b 100644 --- a/net/bridge/br_stp_bpdu.c +++ b/net/bridge/br_stp_bpdu.c @@ -210,6 +210,17 @@ void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb, bpdu.hello_time = br_get_ticks(buf+28); bpdu.forward_delay = br_get_ticks(buf+30); + if (bpdu.message_age > bpdu.max_age) { + if (net_ratelimit()) + br_notice(p->br, + "port %u config from %pM" + " (message_age %ul > max_age %ul)\n", + p->port_no, + eth_hdr(skb)->h_source, + bpdu.message_age, bpdu.max_age); + goto out; + } + br_received_config_bpdu(p, &bpdu); } |