fixup: sctp: verify size of a new chunk in _sctp_make_chunk()

Ben writes:
> > +	int chunklen;
> > +
> > +	chunklen = sizeof(*chunk_hdr) + paylen;
> 
> I think this length still needs to be rounded up (with WORD_ROUND here,
> instead of SCTP_PAD4 upstream).

So here's a fix for this problem.


Reported-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Greg Kroah-Hartman 2018-03-13 10:56:00 +01:00
parent 7954c6dc4c
commit 7b822932c1


@ -1369,7 +1369,7 @@ static struct sctp_chunk *_sctp_make_chunk(const struct sctp_association *asoc,
struct sock *sk;
int chunklen;
chunklen = sizeof(*chunk_hdr) + paylen;
chunklen = WORD_ROUND(sizeof(*chunk_hdr) + paylen);
if (chunklen > SCTP_MAX_CHUNK_LEN)
goto nodata;
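
Review bot: The rounded sum in chunklen = WORD_ROUND(sizeof(*chunk_hdr) + paylen) is narrowed to int before the chunklen > SCTP_MAX_CHUNK_LEN test, so the check sees the value only after conversion. Because sizeof yields a size_t, the addition and rounding are done unsigned; if paylen (whose type is not visible in this hunk) can be large enough that the result does not fit in an int, the stored value could come out negative or small and pass the comparison. Consider declaring chunklen as size_t, or bounding paylen against SCTP_MAX_CHUNK_LEN before adding the header size and rounding. A one-line comment above the assignment saying that the padded length, not the raw payload length, is what gets bounded would also help the next reader, since the reason for the rounding is only recorded in the commit message.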