Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Wei Yongjun wrote: > Packet changed: > 1. Used sctp_sf_ootb() to handle OOTB packet > 2. Remove length check from sctp_sf_tabort_8_4_8() in last patch > 3. Add length check to sctp_sf_ootb() > 4. Changed validity check order in sctp_sf_do_5_1B_init() and other > functions to fix possible attack.

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Vlad Yasevich wrote: Wei Yongjun wrote: Vlad Yasevich wrote: Wei Yongjun wrote: Vlad Yasevich wrote: NACK Section 8.4: An SCTP packet is called an "out of the blue" (OOTB) packet if it is correctly formed (i.e., passed the receiver's CRC32c check; see

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

From: Vlad Yasevich <[EMAIL PROTECTED]> Date: Thu, 30 Aug 2007 09:45:22 -0400 > But now we are doing the same thing twice (and this is not the only > place). I know I am being really picky here, but I am starting to > thing the ootb handling\ is a mess and I really don't want to add to > the mess

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Vlad Yasevich wrote: Wei Yongjun wrote: Vlad Yasevich wrote: Wei Yongjun wrote: Vlad Yasevich wrote: NACK Section 8.4: An SCTP packet is called an "out of the blue" (OOTB) packet if it is correctly formed (i.e., passed the receiver's CRC32c check; see

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Wei Yongjun wrote: > Vlad Yasevich wrote: >> Wei Yongjun wrote: >> >>> Vlad Yasevich wrote: >>> NACK Section 8.4: An SCTP packet is called an "out of the blue" (OOTB) packet if it is correctly formed (i.e., passed the receiver's CRC32c check; see Se

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Vlad Yasevich wrote: Wei Yongjun wrote: Vlad Yasevich wrote: NACK Section 8.4: An SCTP packet is called an "out of the blue" (OOTB) packet if it is correctly formed (i.e., passed the receiver's CRC32c check; see Section 6.8), but the receiver is not able to identify the as

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Wei Yongjun wrote: > Vlad Yasevich wrote: >> >> NACK >> >> Section 8.4: >> >>An SCTP packet is called an "out of the blue" (OOTB) packet if it is >>correctly formed (i.e., passed the receiver's CRC32c check; see >>Section 6.8), but the receiver is not able to identify the >>associat

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Vlad Yasevich wrote: Wei Yongjun wrote: A ootb chunk such as data in close state or init-ack in estab state will cause SCTP to enter dead loop. Look like this: (1) Endpoint A Endpoint B (Closed)(Closed) DATA -> Kerne

Re: [Lksctp-developers] SCTP: Fix dead loop while received unexpected chunk with length set to zero

Wei Yongjun wrote: > A ootb chunk such as data in close state or init-ack in estab state will > cause SCTP to enter dead loop. Look like this: > > (1) > Endpoint A Endpoint B > (Closed)(Closed) > > DATA -> Kernel dead loop

SCTP: Fix dead loop while received unexpected chunk with length set to zero

A ootb chunk such as data in close state or init-ack in estab state will cause SCTP to enter dead loop. Look like this: (1) Endpoint A Endpoint B (Closed)(Closed) DATA -> Kernel dead loop (With Length set to zero) (2) End