summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorstephen hemminger <shemminger@vyatta.com>2011-07-22 09:47:07 +0200
committerDavid S. Miller <davem@davemloft.net>2011-07-23 02:01:12 +0200
commit0652cac22ce3fa0c90e35d0a2862969fc394cb02 (patch)
treecb4aa33271758c13924999dd43fc32664f212b1b /net
parentbridge: send proper message_age in config BPDU (diff)
downloadlinux-0652cac22ce3fa0c90e35d0a2862969fc394cb02.tar.xz
linux-0652cac22ce3fa0c90e35d0a2862969fc394cb02.zip
bridge: ignore bogus STP config packets
If the message_age is already greater than the max_age, then the BPDU is bogus. Linux won't generate BPDU, but conformance tester or buggy implementation might. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/bridge/br_stp_bpdu.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/net/bridge/br_stp_bpdu.c b/net/bridge/br_stp_bpdu.c
index 289646ec9b7b..b69232b3718b 100644
--- a/net/bridge/br_stp_bpdu.c
+++ b/net/bridge/br_stp_bpdu.c
@@ -210,6 +210,17 @@ void br_stp_rcv(const struct stp_proto *proto, struct sk_buff *skb,
bpdu.hello_time = br_get_ticks(buf+28);
bpdu.forward_delay = br_get_ticks(buf+30);
+ if (bpdu.message_age > bpdu.max_age) {
+ if (net_ratelimit())
+ br_notice(p->br,
+ "port %u config from %pM"
+ " (message_age %ul > max_age %ul)\n",
+ p->port_no,
+ eth_hdr(skb)->h_source,
+ bpdu.message_age, bpdu.max_age);
+ goto out;
+ }
+
br_received_config_bpdu(p, &bpdu);
}