Commit a4056573873dc9fc506ce9293c4d01670101a637
Exists in
master
and in
20 other branches
Merge branch 'net-2.6-misc-20080611a' of git://git.linux-ipv6.org/gitroot/yoshfuji/linux-2.6-fix
Showing 3 changed files Side-by-side Diff
net/ipv6/datagram.c
net/ipv6/ipv6_sockglue.c
... | ... | @@ -67,7 +67,7 @@ |
67 | 67 | |
68 | 68 | /* RA packet may be delivered ONLY to IPPROTO_RAW socket */ |
69 | 69 | if (sk->sk_type != SOCK_RAW || inet_sk(sk)->num != IPPROTO_RAW) |
70 | - return -EINVAL; | |
70 | + return -ENOPROTOOPT; | |
71 | 71 | |
72 | 72 | new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL; |
73 | 73 | |
... | ... | @@ -446,7 +446,7 @@ |
446 | 446 | |
447 | 447 | case IPV6_MULTICAST_HOPS: |
448 | 448 | if (sk->sk_type == SOCK_STREAM) |
449 | - goto e_inval; | |
449 | + break; | |
450 | 450 | if (optlen < sizeof(int)) |
451 | 451 | goto e_inval; |
452 | 452 | if (val > 255 || val < -1) |
453 | 453 | |
... | ... | @@ -458,13 +458,15 @@ |
458 | 458 | case IPV6_MULTICAST_LOOP: |
459 | 459 | if (optlen < sizeof(int)) |
460 | 460 | goto e_inval; |
461 | + if (val != valbool) | |
462 | + goto e_inval; | |
461 | 463 | np->mc_loop = valbool; |
462 | 464 | retv = 0; |
463 | 465 | break; |
464 | 466 | |
465 | 467 | case IPV6_MULTICAST_IF: |
466 | 468 | if (sk->sk_type == SOCK_STREAM) |
467 | - goto e_inval; | |
469 | + break; | |
468 | 470 | if (optlen < sizeof(int)) |
469 | 471 | goto e_inval; |
470 | 472 | |
... | ... | @@ -860,7 +862,7 @@ |
860 | 862 | if (sk->sk_protocol != IPPROTO_UDP && |
861 | 863 | sk->sk_protocol != IPPROTO_UDPLITE && |
862 | 864 | sk->sk_protocol != IPPROTO_TCP) |
863 | - return -EINVAL; | |
865 | + return -ENOPROTOOPT; | |
864 | 866 | if (sk->sk_state != TCP_ESTABLISHED) |
865 | 867 | return -ENOTCONN; |
866 | 868 | val = sk->sk_family; |
... | ... | @@ -874,6 +876,8 @@ |
874 | 876 | return -EINVAL; |
875 | 877 | if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0))) |
876 | 878 | return -EFAULT; |
879 | + if (gsf.gf_group.ss_family != AF_INET6) | |
880 | + return -EADDRNOTAVAIL; | |
877 | 881 | lock_sock(sk); |
878 | 882 | err = ip6_mc_msfget(sk, &gsf, |
879 | 883 | (struct group_filter __user *)optval, optlen); |
net/ipv6/route.c
... | ... | @@ -2196,8 +2196,12 @@ |
2196 | 2196 | |
2197 | 2197 | NLA_PUT_U32(skb, RTA_PRIORITY, rt->rt6i_metric); |
2198 | 2198 | |
2199 | - expires = (rt->rt6i_flags & RTF_EXPIRES) ? | |
2200 | - rt->rt6i_expires - jiffies : 0; | |
2199 | + if (!(rt->rt6i_flags & RTF_EXPIRES)) | |
2200 | + expires = 0; | |
2201 | + else if (rt->rt6i_expires - jiffies < INT_MAX) | |
2202 | + expires = rt->rt6i_expires - jiffies; | |
2203 | + else | |
2204 | + expires = INT_MAX; | |
2201 | 2205 | |
2202 | 2206 | if (rtnl_put_cacheinfo(skb, &rt->u.dst, 0, 0, 0, |
2203 | 2207 | expires, rt->u.dst.error) < 0) |