sctp: Fix restart address add prevention logic (jgrimm)

The logic was opposite as needed, disallowing valid restart and allowing hijack.

sctp: Fix restart address add prevention logic (jgrimm)
The logic was opposite as needed, disallowing valid restart and allowing hijack.
b06ce00b · Jon Grimm · d3df6dcc · b06ce00b
Commit b06ce00b authored Oct 07, 2002 by Jon Grimm
Show whitespace changes
Inline Side-by-side

Showing with 12 additions and 10 deletions

net/sctp/sm_statefuns.c net/sctp/sm_statefuns.c +12 -10

No files found.
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -1228,13 +1228,13 @@ static sctp_disposition_t sctp_sf_do_dupcook_a(const sctp_endpoint_t *ep,
 	new_addr = NULL;
 	list_for_each(pos, &new_asoc->peer.transport_addr_list) {
 		new_addr = list_entry(pos, sctp_transport_t, transports);
-		found = 1;
+		found = 0;
 		list_for_each_safe(pos2, temp, 
 				   &asoc->peer.transport_addr_list) {
 			addr = list_entry(pos2, sctp_transport_t, transports);
-			if (!sctp_cmp_addr_exact(&new_addr->ipaddr,
+			if (sctp_cmp_addr_exact(&new_addr->ipaddr,
 						&addr->ipaddr)) {
-				found = 0;
+				found = 1;
 				break;
 			}
 		}
@@ -1264,6 +1264,9 @@ static sctp_disposition_t sctp_sf_do_dupcook_a(const sctp_endpoint_t *ep,
 			goto nomem_abort;
 		sctp_init_cause(repl, SCTP_ERROR_RESTART, rawaddr.v, len);
 		sctp_add_cmd_sf(commands, SCTP_CMD_REPLY, SCTP_CHUNK(repl));
+		/* Discard the rest of the packet too. */
+		sctp_add_cmd_sf(commands, SCTP_CMD_DISCARD_PACKET, 
+				SCTP_NULL());
 		return SCTP_DISPOSITION_CONSUME;
 	nomem_abort:
@@ -2881,8 +2884,7 @@ sctp_disposition_t sctp_sf_discard_chunk(const sctp_endpoint_t *ep,
 *
 * The return value is the disposition of the chunk.
 */
-sctp_disposition_t
+sctp_disposition_t sctp_sf_pdiscard(const sctp_endpoint_t *ep,
-sctp_sf_pdiscard(const sctp_endpoint_t *ep,
 				    const sctp_association_t *asoc,
 				    const sctp_subtype_t type,
 				    void *arg,