Commit 175f7c1f authored by Tetsuo Handa's avatar Tetsuo Handa Committed by David S. Miller

sctp: Check address length before reading address family

KMSAN will complain if valid address length passed to connect() is shorter
than sizeof("struct sockaddr"->sa_family) bytes.
Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: default avatarNeil Horman <nhorman@tuxdriver.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 238ffdc4
...@@ -4847,7 +4847,8 @@ static int sctp_connect(struct sock *sk, struct sockaddr *addr, ...@@ -4847,7 +4847,8 @@ static int sctp_connect(struct sock *sk, struct sockaddr *addr,
} }
/* Validate addr_len before calling common connect/connectx routine. */ /* Validate addr_len before calling common connect/connectx routine. */
af = sctp_get_af_specific(addr->sa_family); af = addr_len < offsetofend(struct sockaddr, sa_family) ? NULL :
sctp_get_af_specific(addr->sa_family);
if (!af || addr_len < af->sockaddr_len) { if (!af || addr_len < af->sockaddr_len) {
err = -EINVAL; err = -EINVAL;
} else { } else {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment