From: Herbert Xu Date: Thu, 5 Apr 2007 07:07:39 +0000 (-0700) Subject: [IPSEC]: Reject packets within replay window but outside the bit mask X-Git-Tag: v2.6.21-rc6~1 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4c4d51a7316b164ba08af61aa0c124a88bc60450;p=linux-2.6 [IPSEC]: Reject packets within replay window but outside the bit mask Up until this point we've accepted replay window settings greater than 32 but our bit mask can only accomodate 32 packets. Thus any packet with a sequence number within the window but outside the bit mask would be accepted. This patch causes those packets to be rejected instead. Signed-off-by: Herbert Xu Signed-off-by: David S. Miller --- diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 5c5f6dcab9..e3a0bcfa5d 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -1371,7 +1371,8 @@ int xfrm_replay_check(struct xfrm_state *x, __be32 net_seq) return 0; diff = x->replay.seq - seq; - if (diff >= x->props.replay_window) { + if (diff >= min_t(unsigned int, x->props.replay_window, + sizeof(x->replay.bitmap) * 8)) { x->stats.replay_window++; return -EINVAL; }