A pppoe session is identified by its session ID and MAC address. Currently pppoe does not check if the received pkg has the correct MAC address. This is a problem when the eth I/F is in promisc mode as then any DST MAC address is accepted.
Signed-off-by: Joakim Tjernlund <[email protected]> --- drivers/net/ppp/pppoe.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/net/ppp/pppoe.c b/drivers/net/ppp/pppoe.c index ff059e1..740e39b 100644 --- a/drivers/net/ppp/pppoe.c +++ b/drivers/net/ppp/pppoe.c @@ -383,6 +383,9 @@ static int pppoe_rcv_core(struct sock *sk, struct sk_buff *skb) if (sk->sk_state & PPPOX_BOUND) { ppp_input(&po->chan, skb); } else if (sk->sk_state & PPPOX_RELAY) { + if (skb->pkt_type == PACKET_OTHERHOST) + goto abort_kfree; + relay_po = get_item_by_addr(sock_net(sk), &po->pppoe_relay); if (relay_po == NULL) -- 2.0.5 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
