    sctp: only copy the available addr data in sctp_transport_init · 4c31bc6b
    Xin Long authored
    'addr' passed to sctp_transport_init is not always a whole size
    of union sctp_addr, like the path:
    
      sctp_sendmsg() ->
      sctp_sendmsg_new_asoc() ->
      sctp_assoc_add_peer() ->
      sctp_transport_new() -> sctp_transport_init()
    
    In the next patches, we will also pass the address length of data
    only to sctp_assoc_add_peer().
    
    So sctp_transport_init() should copy only the available data from
    addr to peer->ipaddr, instead of 'peer->ipaddr = *addr' which may
    cause slab-out-of-bounds.
    Signed-off-by: Xin Long <lucien.xin@gmail.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
transport.c 20.8 KB
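The copy pattern the commit message describes, as an added user-space C example (not the kernel's code and not the patch itself): a whole-union assignment beside a copy bounded by the address family's length. The types, constants and function names are hypothetical stand-ins, and the extra check against the caller-supplied length is an assumption of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical user-space stand-ins for the address types; not kernel definitions. */
enum { FAM_V4 = 2, FAM_V6 = 10 };
struct addr_v4 { uint16_t family, port; uint8_t ip[4]; };                  /*  8 bytes */
struct addr_v6 { uint16_t family, port; uint8_t ip[16]; uint32_t scope; }; /* 24 bytes */
union model_addr { uint16_t family; struct addr_v4 v4; struct addr_v6 v6; };

/* Bytes that are actually valid for a given address family (0 = unknown). */
size_t family_len(uint16_t family)
{
    return family == FAM_V4 ? sizeof(struct addr_v4)
         : family == FAM_V6 ? sizeof(struct addr_v6) : 0;
}

/* Before: a whole-union assignment always reads sizeof(union model_addr) bytes,
 * so an 8-byte v4 source buffer is over-read by 16 bytes. Shown, never called. */
void init_unbounded(union model_addr *dst, const union model_addr *src)
{
    *dst = *src;
}

/* After: copy only the bytes the family defines, and refuse a source shorter
 * than that. Returns the number of bytes copied, or -1. */
int init_bounded(union model_addr *dst, const void *src, size_t avail)
{
    uint16_t family;
    size_t need;

    if (avail < sizeof(family))
        return -1;
    memcpy(&family, src, sizeof(family));
    need = family_len(family);
    if (need == 0 || need > avail)
        return -1;
    memset(dst, 0, sizeof(*dst));   /* no stale bytes after a short address */
    memcpy(dst, src, need);
    return (int)need;
}

int main(void)
{
    struct addr_v4 a = { FAM_V4, 443, { 192, 0, 2, 7 } };  /* constructed sample */
    union model_addr peer;
    printf("copied %d of %zu bytes\n", init_bounded(&peer, &a, sizeof(a)), sizeof(peer));
    return 0;
}
```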