freebsd-skq/sys/netinet
Jesper Skriver 58e9b41722 Only call in_pcbnotify if the src port number != 0, as we
treat 0 as a wildcard in src/sys/in_pbc.c:in_pcbnotify()

It's sufficient to check for src|local port, as we'll have no
sessions with src|local port == 0

Without this a attacker sending ICMP messages, where the attached
IP header (+ 8 bytes) has the address and port numbers == 0, would
have the ICMP message applied to all sessions.

PR:		kern/25195
Submitted by:	originally by jesper, reimplimented by jlemon's advice
Reviewed by:	jlemon
Approved by:	jlemon
2001-02-20 23:25:04 +00:00
..
libalias Add a few ``const''s to silence some -Wwrite-strings warnings 2001-01-29 11:44:13 +00:00
accf_data.c Remove headers not needed. 2000-10-07 23:15:17 +00:00
accf_http.c Fix incorrect logic wouldn't disconnect incomming connections that had been 2001-01-03 19:50:23 +00:00
fil.c fix conflicts 2001-02-04 14:26:56 +00:00
icmp6.h sync with kame tree as of july00. tons of bug fixes/improvements. 2000-07-04 16:35:15 +00:00
icmp_var.h Clean up RST ratelimiting. Previously, ratelimiting occured before tests 2001-02-11 07:39:51 +00:00
if_atm.c udp IPv6 support, IPv6/IPv4 tunneling support in kernel, 1999-12-07 17:39:16 +00:00
if_atm.h Add $FreeBSD$ 2000-05-01 20:32:07 +00:00
if_ether.c Sync with the bridge/dummynet/ipfw code already tested in stable. 2001-02-10 00:10:18 +00:00
if_ether.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
if_fddi.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
igmp_var.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
igmp.c Add #include <machine/in_cksum.h>, in order to pick up the checksum 2000-05-06 18:19:58 +00:00
igmp.h $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
in_cksum.c $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
in_gif.c Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
in_gif.h sync with kame tree as of july00. tons of bug fixes/improvements. 2000-07-04 16:35:15 +00:00
in_hostcache.c Convert more malloc+bzero to malloc+M_ZERO. 2000-12-08 21:51:06 +00:00
in_hostcache.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
in_pcb.c Remove unneeded loop increment in src/sys/netinet/in_pcb.c:in_pcbnotify 2001-02-20 21:11:29 +00:00
in_pcb.h Update the "icmp_admin_prohib_like_rst" code to check the tcp-window and 2000-12-24 10:57:21 +00:00
in_proto.c Make netstat(1) to be aware of divert(4) sockets. 2000-08-03 14:09:52 +00:00
in_rmx.c $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
in_systm.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
in_var.h Convert if_multiaddrs from LIST to TAILQ so that it can be traversed 2001-02-06 10:12:15 +00:00
in.c Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
in.h Add definitions for IPPROTO numbers 55-57. 2001-02-14 13:51:20 +00:00
ip6.h remove m_pulldown statistics, which is highly experimental and does not 2000-07-12 16:39:13 +00:00
ip_auth.c fix conflicts 2001-02-04 14:26:56 +00:00
ip_auth.h fix conflicts from rcsids 2000-10-26 12:33:42 +00:00
ip_compat.h fix conflicts 2001-02-04 14:26:56 +00:00
ip_divert.c Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
ip_dummynet.c Sync with the bridge/dummynet/ipfw code already tested in stable. 2001-02-10 00:10:18 +00:00
ip_dummynet.h MFS: bridge/ipfw/dummynet fixes (bridge.c will be committed separately) 2001-02-02 00:18:00 +00:00
ip_ecn.c sync with kame tree as of july00. tons of bug fixes/improvements. 2000-07-04 16:35:15 +00:00
ip_ecn.h sync with kame tree as of july00. tons of bug fixes/improvements. 2000-07-04 16:35:15 +00:00
ip_encap.c Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
ip_encap.h sync with kame tree as of july00. tons of bug fixes/improvements. 2000-07-04 16:35:15 +00:00
ip_fil.c While I'm here, get rid of (now useless) MCLISREFERENCED and use MEXT_IS_REF 2000-11-11 23:05:59 +00:00
ip_fil.h fix conflicts 2001-02-04 14:26:56 +00:00
ip_flow.c Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
ip_flow.h Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
ip_frag.c fix conflicts 2001-02-04 14:26:56 +00:00
ip_frag.h fix conflicts 2001-02-04 14:26:56 +00:00
ip_ftp_pxy.c fix conflicts 2001-02-04 14:26:56 +00:00
ip_fw.c Clean up warning. 2001-02-15 22:32:06 +00:00
ip_fw.h Introduce a new feature in IPFW: Check of the source or destination 2001-02-13 14:12:37 +00:00
ip_icmp.c Remove unneeded loop increment in src/sys/netinet/in_pcb.c:in_pcbnotify 2001-02-18 09:34:55 +00:00
ip_icmp.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
ip_input.c Send a ICMP unreachable instead of dropping the packet silent, if we 2001-02-20 21:31:47 +00:00
ip_log.c resolve conflicts 2000-08-13 04:31:06 +00:00
ip_mroute.c Fix typo: seperate -> separate. 2001-02-06 11:21:58 +00:00
ip_mroute.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
ip_nat.c fix duplicate rcsid 2001-02-04 15:25:15 +00:00
ip_nat.h fix conflicts 2001-02-04 14:26:56 +00:00
ip_output.c Another round of the <sys/queue.h> FOREACH transmogriffer. 2001-02-04 16:08:18 +00:00
ip_proxy.c fix conflicts 2000-05-24 04:21:35 +00:00
ip_proxy.h fix conflicts 2001-02-04 14:26:56 +00:00
ip_raudio_pxy.c Fix conflicts creted by import. 2000-10-29 07:53:05 +00:00
ip_rcmd_pxy.c fix conflicts 2001-02-04 14:26:56 +00:00
ip_state.c fix conflicts 2001-02-04 14:26:56 +00:00
ip_state.h fix conflicts from rcsids 2000-10-26 12:33:42 +00:00
ip_var.h sync with kame tree as of july00. tons of bug fixes/improvements. 2000-07-04 16:35:15 +00:00
ip.h IPSEC support in the kernel. 1999-12-22 19:13:38 +00:00
ipl.h fix conflicts 2001-02-04 14:26:56 +00:00
ipprotosw.h activate pfil_hooks and covert ipfilter to use it 2000-07-31 13:11:42 +00:00
mlfk_ipl.c fix conflicts 2001-02-04 14:26:56 +00:00
raw_ip.c Mechanical change to use <sys/queue.h> macro API instead of 2001-02-04 13:13:25 +00:00
tcp_debug.c sync with kame tree as of july00. tons of bug fixes/improvements. 2000-07-04 16:35:15 +00:00
tcp_debug.h Sorry in this just befor code freeze commit. 2000-01-29 11:49:07 +00:00
tcp_fsm.h Undo rev 1.10, which took out TH_FIN from the CLOSING state. This 1999-11-07 04:18:30 +00:00
tcp_input.c Clean up RST ratelimiting. Previously, ratelimiting occured before tests 2001-02-11 07:39:51 +00:00
tcp_output.c Convert all users of fldoff() to offsetof(). fldoff() is bad 2000-10-27 11:45:49 +00:00
tcp_reass.c Clean up RST ratelimiting. Previously, ratelimiting occured before tests 2001-02-11 07:39:51 +00:00
tcp_seq.h Use stronger random number generation for TCP_ISSINCR and tcp_iss. 2000-09-29 01:37:19 +00:00
tcp_subr.c Only call in_pcbnotify if the src port number != 0, as we 2001-02-20 23:25:04 +00:00
tcp_timer.c If TCPDEBUG is defined, we could dereference a tp which was freed. 2000-10-02 15:00:13 +00:00
tcp_timer.h Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" 1999-12-29 04:46:21 +00:00
tcp_timewait.c Only call in_pcbnotify if the src port number != 0, as we 2001-02-20 23:25:04 +00:00
tcp_usrreq.c When turning off TCP_NOPUSH, call tcp_output to immediately flush 2001-02-02 18:48:25 +00:00
tcp_var.h Remove unneeded loop increment in src/sys/netinet/in_pcb.c:in_pcbnotify 2001-02-18 09:34:55 +00:00
tcp.h o Minor style(9)ism to make consistent with -STABLE 2001-01-09 18:26:17 +00:00
tcpip.h $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
udp_usrreq.c Only call in_pcbnotify if the src port number != 0, as we 2001-02-20 23:25:04 +00:00
udp_var.h remove unused data structure definition, and corresponding macro into*() 2001-02-18 07:10:03 +00:00
udp.h $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00