diff options
author | Wei Yongjun <yjwei@cn.fujitsu.com> | 2008-12-25 16:59:03 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-12-25 16:59:03 -0800 |
commit | 8510b937ae1e23583abdeb828cad5c518295c61d (patch) | |
tree | 5ef0449bc7673c99a2134d8bba8e4f1dd4c79549 /net | |
parent | 9fcb95a105758b81ef0131cd18e2db5149f13e95 (diff) | |
download | linux-exynos-8510b937ae1e23583abdeb828cad5c518295c61d.tar.gz linux-exynos-8510b937ae1e23583abdeb828cad5c518295c61d.tar.bz2 linux-exynos-8510b937ae1e23583abdeb828cad5c518295c61d.zip |
sctp: Add validity check for SCTP_PARTIAL_DELIVERY_POINT socket option
The latest ietf socket extensions API draft said:
8.1.21. Set or Get the SCTP Partial Delivery Point
Note also that the call will fail if the user attempts to set
this value larger than the socket receive buffer size.
This patch add this validity check for SCTP_PARTIAL_DELIVERY_POINT
socket option.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/sctp/socket.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 9f5fe23773a9..b14a8f33e42d 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -3010,14 +3010,21 @@ static int sctp_setsockopt_fragment_interleave(struct sock *sk, } /* - * 7.1.25. Set or Get the sctp partial delivery point + * 8.1.21. Set or Get the SCTP Partial Delivery Point * (SCTP_PARTIAL_DELIVERY_POINT) + * * This option will set or get the SCTP partial delivery point. This * point is the size of a message where the partial delivery API will be * invoked to help free up rwnd space for the peer. Setting this to a - * lower value will cause partial delivery's to happen more often. The + * lower value will cause partial deliveries to happen more often. The * calls argument is an integer that sets or gets the partial delivery - * point. + * point. Note also that the call will fail if the user attempts to set + * this value larger than the socket receive buffer size. + * + * Note that any single message having a length smaller than or equal to + * the SCTP partial delivery point will be delivered in one single read + * call as long as the user provided buffer is large enough to hold the + * message. */ static int sctp_setsockopt_partial_delivery_point(struct sock *sk, char __user *optval, @@ -3030,6 +3037,12 @@ static int sctp_setsockopt_partial_delivery_point(struct sock *sk, if (get_user(val, (int __user *)optval)) return -EFAULT; + /* Note: We double the receive buffer from what the user sets + * it to be, also initial rwnd is based on rcvbuf/2. + */ + if (val > (sk->sk_rcvbuf >> 1)) + return -EINVAL; + sctp_sk(sk)->pd_point = val; return 0; /* is this the right error code? */ |