2021-01-12 12:00:29

by Yingjie Wang

[permalink] [raw]
Subject: [PATCH v1] net/ipv4: add IPv4_is_multicast() check in ip_mc_leave_group().

From: Yingjie Wang <[email protected]>

There is no IPv4_is_multicast() check added to ip_mc_leave_group()
to determine whether imr->imr_multiaddr.s_addr is a multicast address.
If not a multicast address, it may result in an error.
In some cases, the callers of ip_mc_leave_group don't check
whether it is multicast address or not such as do_ip_setsockopt().
So I suggest added the ipv4_is_multicast() check to the
ip_mc_leave_group function to prevent this from happening.

Fixes: d519aa299494 ("net/ipv4: add IPv4_is_multicast() check in ip_mc_leave_group().")
Signed-off-by: Yingjie Wang <[email protected]>
---
net/ipv4/igmp.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
index 7b272bbed2b4..1b6f91271cfd 100644
--- a/net/ipv4/igmp.c
+++ b/net/ipv4/igmp.c
@@ -2248,6 +2248,9 @@ int ip_mc_leave_group(struct sock *sk, struct ip_mreqn *imr)
u32 ifindex;
int ret = -EADDRNOTAVAIL;

+ if (!ipv4_is_multicast(group))
+ return -EINVAL;
+
ASSERT_RTNL();

in_dev = ip_mc_find_dev(net, imr);
--
2.7.4


2021-01-13 03:40:40

by Jakub Kicinski

[permalink] [raw]
Subject: Re: [PATCH v1] net/ipv4: add IPv4_is_multicast() check in ip_mc_leave_group().

On Tue, 12 Jan 2021 00:47:09 -0800 [email protected] wrote:
> From: Yingjie Wang <[email protected]>
>
> There is no IPv4_is_multicast() check added to ip_mc_leave_group()
> to determine whether imr->imr_multiaddr.s_addr is a multicast address.
> If not a multicast address, it may result in an error.
> In some cases, the callers of ip_mc_leave_group don't check
> whether it is multicast address or not such as do_ip_setsockopt().
> So I suggest added the ipv4_is_multicast() check to the
> ip_mc_leave_group function to prevent this from happening.
>
> Fixes: d519aa299494 ("net/ipv4: add IPv4_is_multicast() check in ip_mc_leave_group().")
> Signed-off-by: Yingjie Wang <[email protected]>

Same story with the fixes tag as on your other submission.

The fixes tag is supposed to refer to the commit which introduced
the bug. It helps the backporters determine whether they need to
backport given fix to their trees. In case the commit which added
the bug predates git history you can refer to the first commit in
the history.

HTH