d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/sys/netinet
History
Xin LI 6a58f0e913 Fix SCTP stream reset vulnerability. 
We would like to acknowledge Gerasimos Dimitriadis who reported
the issue and Michael Tuexen who analyzed and provided the
fix.

Security:	FreeBSD-SA-15:03.sctp
Security:	CVE-2014-8613
Submitted by:	tuexen
2015-01-27 19:35:38 +00:00
..
cc
DCTCP (Data Center TCP) implementation.
2015-01-12 08:33:04 +00:00
khelp
libalias
It'll be okay to use LibAliasDetachHandlers() here, relying
2013-12-25 09:43:51 +00:00
accf_data.c
accf_dns.c
In preparation of merging projects/sendfile, transform bare access to
2014-11-12 09:57:15 +00:00
accf_http.c
In preparation of merging projects/sendfile, transform bare access to
2014-11-12 09:57:15 +00:00
cc.h
DCTCP (Data Center TCP) implementation.
2015-01-12 08:33:04 +00:00
icmp6.h
Migrate structs in6_ifstat and icmp6_ifstat to PCPU counters.
2013-07-09 09:59:46 +00:00
icmp_var.h
Remove more constants related to static sysctl nodes. The MAXID constants
2014-02-25 18:44:33 +00:00
if_atm.c
The r48589 promised to remove implicit inclusion of if_var.h soon. Prepare
2013-10-26 17:58:36 +00:00
if_atm.h
Add const qualifier to the dst parameter of the ifnet if_output method.
2013-04-26 12:50:32 +00:00
if_ether.c
* Deal with ARCNET L2 multicast mapping for IPv6 the same way as in IPv4:
2015-01-09 12:56:51 +00:00
if_ether.h
Do not return unlocked/unreferenced lle in arpresolve/nd6_storelladdr -
2014-11-27 23:06:25 +00:00
igmp_var.h
Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have
2014-08-08 01:57:15 +00:00
igmp.c
To ease changes to underlying mbuf structure and the mbuf allocator, reduce
2015-01-05 09:58:32 +00:00
igmp.h
in_cksum.c
in_debug.c
in_gif.c
Extern declarations in C files loses compile-time checking that
2014-12-25 21:32:37 +00:00
in_kdtrace.c
dtrace sdt: remove the ugly sname parameter of SDT_PROBE_DEFINE
2013-11-26 08:46:27 +00:00
in_kdtrace.h
dtrace sdt: remove the ugly sname parameter of SDT_PROBE_DEFINE
2013-11-26 08:46:27 +00:00
in_mcast.c
Only define the full inm_print() if KTR_IGMPV3 is enabled at compile time.
2014-09-30 17:26:34 +00:00
in_pcb.c
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
in_pcb.h
Start process of removing the use of the deprecated "M_FLOWID" flag
2014-12-01 11:45:24 +00:00
in_pcbgroup.c
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
in_proto.c
Finish r274118: remove useless fields from struct domain.
2014-11-06 14:39:04 +00:00
in_rmx.c
Kill custom in_matroute() radix mathing function removing one rte mutex lock.
2014-11-11 02:52:40 +00:00
in_rss.c
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
in_rss.h
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
in_systm.h
Where appropriate, use the modern terms for the one true time base
2014-12-21 05:07:11 +00:00
in_var.h
Kill custom in_matroute() radix mathing function removing one rte mutex lock.
2014-11-11 02:52:40 +00:00
in.c
Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.
2014-11-07 09:39:05 +00:00
in.h
Kill custom in_matroute() radix mathing function removing one rte mutex lock.
2014-11-11 02:52:40 +00:00
ip6.h
Eliminate use of M_EXT in IP6_EXTHDR_CHECK() by trimming a redundant
2014-10-05 06:28:53 +00:00
ip_carp.c
Log hardware interface up/down as "hardware" rather than just "hw".
2015-01-23 14:30:24 +00:00
ip_carp.h
Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have
2014-08-08 01:57:15 +00:00
ip_divert.c
Update ip_divert.ko to depend on version 3 of ipfw.
2014-10-11 16:08:54 +00:00
ip_divert.h
ip_dummynet.h
ECN marking implenetation for dummynet.
2014-06-01 07:28:24 +00:00
ip_ecn.c
ip_ecn.h
ip_encap.c
Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have
2014-08-08 01:57:15 +00:00
ip_encap.h
Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have
2014-08-08 01:57:15 +00:00
ip_fastfwd.c
Remove incorrect layering violating code that:
2015-01-12 09:41:12 +00:00
ip_fw.h
Fix matching default rule on clear/show commands.
2014-10-13 13:49:28 +00:00
ip_gre.c
Extern declarations in C files loses compile-time checking that
2014-12-25 21:32:37 +00:00
ip_icmp.c
Where appropriate, use the modern terms for the one true time base
2014-12-21 05:07:11 +00:00
ip_icmp.h
Where appropriate, use the modern terms for the one true time base
2014-12-21 05:07:11 +00:00
ip_id.c
Back out r249318, r249320 and r249327 due to a heisenbug most
2013-05-06 16:42:18 +00:00
ip_input.c
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
ip_ipsec.c
Use ipsec4_in_reject() to simplify ip_ipsec_fwd() and ip_ipsec_input().
2014-12-11 18:55:54 +00:00
ip_ipsec.h
Remove flag/flags argument from the following functions:
2014-12-11 18:35:34 +00:00
ip_mroute.c
Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.
2014-11-07 09:39:05 +00:00
ip_mroute.h
Migrate structs arpstat, icmpstat, mrtstat, pimstat and udpstat to PCPU
2013-07-09 09:50:15 +00:00
ip_options.c
Use M_WRITABLE() and M_LEADINGSPACE() rather than checking M_EXT and
2015-01-06 14:32:28 +00:00
ip_options.h
Make net.inet.ip.sourceroute, net.inet.ip.accept_sourceroute, and
2014-09-15 07:20:40 +00:00
ip_output.c
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
ip_var.h
Add a flag to ip_output() - IP_NODEFAULTFLOWID - which prevents it from
2014-09-09 00:19:02 +00:00
ip.h
pim_var.h
Merge 'struct ip6protosw' and 'struct protosw' into one. Now we have
2014-08-08 01:57:15 +00:00
pim.h
raw_ip.c
Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.
2014-11-07 09:39:05 +00:00
sctp_asconf.c
Add protection code to free memory in case of processing an address which
2015-01-18 20:53:20 +00:00
sctp_asconf.h
sctp_auth.c
Use a consistent type for the number of HMAC algorithms.
2014-09-16 14:20:33 +00:00
sctp_auth.h
Use a consistent type for the number of HMAC algorithms.
2014-09-16 14:20:33 +00:00
sctp_bsd_addr.c
Minimize the usage of SCTP_BUF_IS_EXTENDED.
2015-01-10 20:49:57 +00:00
sctp_bsd_addr.h
sctp_cc_functions.c
Small cleanup which addresses a warning regaring the truncation
2014-09-16 13:48:46 +00:00
sctp_constants.h
Fix the handling of sysctl variables when used with VIMAGE.
2014-09-06 19:12:14 +00:00
sctp_crc32.c
sctp_crc32.h
sctp_dtrace_declare.h
- For kernel compiled only with KDTRACE_HOOKS and not any lock debugging
2013-11-25 07:38:45 +00:00
sctp_dtrace_define.h
dtrace sdt: remove the ugly sname parameter of SDT_PROBE_DEFINE
2013-11-26 08:46:27 +00:00
sctp_header.h
Fix the reported streams in a SCTP_STREAM_RESET_EVENT, if a
2014-10-16 15:36:04 +00:00
sctp_indata.c
Minimize the usage of SCTP_BUF_IS_EXTENDED.
2015-01-10 20:49:57 +00:00
sctp_indata.h
Code cleanups.
2013-07-03 18:48:43 +00:00
sctp_input.c
Fix SCTP stream reset vulnerability.
2015-01-27 19:35:38 +00:00
sctp_input.h
Fix the reported streams in a SCTP_STREAM_RESET_EVENT, if a
2014-10-16 15:36:04 +00:00
sctp_lock_bsd.h
sctp_os_bsd.h
Retire SCTP_BUF_EXTEND_SIZE. This patch was suggested by
2015-01-10 13:56:26 +00:00
sctp_os.h
sctp_output.c
Fix a bug which only shows up when an mbuf allocation failed.
2015-01-18 22:00:39 +00:00
sctp_output.h
Ensure that the list of streams sent in a stream reset parameter fits
2014-10-08 15:30:59 +00:00
sctp_pcb.c
Remove dead code.
2015-01-11 21:55:30 +00:00
sctp_pcb.h
Do the renaming of sb_cc to sb_ccc in a way with less code changes by
2014-12-02 20:29:29 +00:00
sctp_peeloff.c
Add support for the SCTP_AUTH_SUPPORTED and SCTP_ASCONF_SUPPORTED
2014-08-12 11:30:16 +00:00
sctp_peeloff.h
Remove unused function.
2012-11-25 14:25:08 +00:00
sctp_ss_functions.c
sctp_structs.h
This is the SCTP specific companion of
2014-12-04 21:17:50 +00:00
sctp_syscalls.c
Avoid dynamic syscall overhead for statically compiled modules.
2014-10-26 19:42:44 +00:00
sctp_sysctl.c
Remove comparisons which are not necessary.
2015-01-20 19:08:55 +00:00
sctp_sysctl.h
Fix the handling of sysctl variables when used with VIMAGE.
2014-09-06 19:12:14 +00:00
sctp_timer.c
Code cleanup.
2015-01-19 11:52:08 +00:00
sctp_timer.h
sctp_uio.h
Add support for the SCTP_PR_STREAM_STATUS and SCTP_PR_ASSOC_STATUS
2014-08-13 15:50:16 +00:00
sctp_usrreq.c
Fix SCTP SCTP_SS_VALUE kernel memory corruption and disclosure vulnerability.
2015-01-27 19:35:36 +00:00
sctp_var.h
Do the renaming of sb_cc to sb_ccc in a way with less code changes by
2014-12-02 20:29:29 +00:00
sctp.h
Add support for the SCTP_PR_STREAM_STATUS and SCTP_PR_ASSOC_STATUS
2014-08-13 15:50:16 +00:00
sctputil.c
Remove dead code.
2015-01-12 07:39:52 +00:00
sctputil.h
Minimize the usage of SCTP_BUF_IS_EXTENDED.
2015-01-10 20:49:57 +00:00
siftr.c
In preparation of merging projects/sendfile, transform bare access to
2014-11-12 09:57:15 +00:00
tcp_debug.c
tcp_debug.h
tcp_fsm.h
tcp_hostcache.c
Use an sbuf to generate the output of the net.inet.tcp.hostcache.list
2015-01-25 19:45:44 +00:00
tcp_hostcache.h
Add scope zone id to the in_endpoints and hc_metrics structures.
2014-09-10 16:26:18 +00:00
tcp_input.c
DCTCP (Data Center TCP) implementation.
2015-01-12 08:33:04 +00:00
tcp_lro.c
Merge r254336 from user/np/cxl_tuning.
2013-08-28 23:00:34 +00:00
tcp_lro.h
Merge r254336 from user/np/cxl_tuning.
2013-08-28 23:00:34 +00:00
tcp_offload.c
The r48589 promised to remove implicit inclusion of if_var.h soon. Prepare
2013-10-26 17:58:36 +00:00
tcp_offload.h
tcp_output.c
To ease changes to underlying mbuf structure and the mbuf allocator, reduce
2015-01-05 09:58:32 +00:00
tcp_reass.c
Merge from projects/sendfile: extend protocols API to support
2014-11-30 13:24:21 +00:00
tcp_sack.c
Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.
2014-11-07 09:39:05 +00:00
tcp_seq.h
tcp_subr.c
Remove kernel handling of ICMP_SOURCEQUENCH.
2014-11-10 23:10:01 +00:00
tcp_syncache.c
Start process of removing the use of the deprecated "M_FLOWID" flag
2014-12-01 11:45:24 +00:00
tcp_syncache.h
Introduce spares in the TCP syncache and timewait structures
2013-09-21 10:01:51 +00:00
tcp_timer.c
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
tcp_timer.h
Fix a race condition in TCP timewait between tcp_tw_2msl_reuse() and
2014-10-30 08:53:56 +00:00
tcp_timewait.c
Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.
2014-11-07 09:39:05 +00:00
tcp_usrreq.c
Merge from projects/sendfile:
2014-11-30 13:43:52 +00:00
tcp_var.h
Re-introduce padding fields removed with r264321 to keep
2014-11-17 14:56:02 +00:00
tcp.h
Add placeholder constants to reserve a portion of the socket option
2013-02-01 15:32:20 +00:00
tcpip.h
toecore.c
Do not return unlocked/unreferenced lle in arpresolve/nd6_storelladdr -
2014-11-27 23:06:25 +00:00
toecore.h
udp_usrreq.c
Refactor / restructure the RSS code into generic, IPv4 and IPv6 specific
2015-01-18 18:06:40 +00:00
udp_var.h
Add context pointer and source address to the UDP tunnel callback
2014-10-10 06:08:59 +00:00
udp.h
Add placeholder constants to reserve a portion of the socket option
2013-02-01 15:32:20 +00:00
udplite.h
Add support for UDP-Lite protocol (RFC 3828) to IPv4 and IPv6 stacks.
2014-04-07 01:53:03 +00:00