summaryrefslogtreecommitdiff
path: root/net/ipv6/ip6_input.c
diff options
context:
space:
mode:
authorOtavio Salvador <otavio@ossystems.com.br>2019-12-19 00:14:33 -0300
committerGitHub <noreply@github.com>2019-12-19 00:14:33 -0300
commitfa8a03bec68d9ef89da72277bd3501ed3daa6217 (patch)
tree3d3218332bcb34cb0afa01d6ad996058a3dbcb77 /net/ipv6/ip6_input.c
parent6b774eec1f9d3064e9b33634dfa99d5666d0a73a (diff)
parent1ddf624b0b268fdc0b80b1de618b98f8d117afea (diff)
Merge pull request #55 from toradex/4.14-2.0.x-imx
4.14 2.0.x imx
Diffstat (limited to 'net/ipv6/ip6_input.c')
-rw-r--r--net/ipv6/ip6_input.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c
index 9ee208a348f5..e41070fb4fc0 100644
--- a/net/ipv6/ip6_input.c
+++ b/net/ipv6/ip6_input.c
@@ -173,6 +173,16 @@ int ipv6_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt
if (ipv6_addr_is_multicast(&hdr->saddr))
goto err;
+ /* While RFC4291 is not explicit about v4mapped addresses
+ * in IPv6 headers, it seems clear linux dual-stack
+ * model can not deal properly with these.
+ * Security models could be fooled by ::ffff:127.0.0.1 for example.
+ *
+ * https://tools.ietf.org/html/draft-itojun-v6ops-v4mapped-harmful-02
+ */
+ if (ipv6_addr_v4mapped(&hdr->saddr))
+ goto err;
+
skb->transport_header = skb->network_header + sizeof(*hdr);
IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);