sctp: check af before verify address in sctp_addr_id2transport
Commit6f29a13061
("sctp: sctp_addr_id2transport should verify the addr before looking up assoc") invoked sctp_verify_addr to verify the addr. But it didn't check af variable beforehand, once users pass an address with family = 0 through sockopt, sctp_get_af_specific will return NULL and NULL pointer dereference will be caused by af->sockaddr_len. This patch is to fix it by returning NULL if af variable is NULL. Fixes:6f29a13061
("sctp: sctp_addr_id2transport should verify the addr before looking up assoc") Signed-off-by: Xin Long <lucien.xin@gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
2dcab59848
commit
912964eacb
|
@ -239,7 +239,7 @@ static struct sctp_transport *sctp_addr_id2transport(struct sock *sk,
|
||||||
union sctp_addr *laddr = (union sctp_addr *)addr;
|
union sctp_addr *laddr = (union sctp_addr *)addr;
|
||||||
struct sctp_transport *transport;
|
struct sctp_transport *transport;
|
||||||
|
|
||||||
if (sctp_verify_addr(sk, laddr, af->sockaddr_len))
|
if (!af || sctp_verify_addr(sk, laddr, af->sockaddr_len))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
addr_asoc = sctp_endpoint_lookup_assoc(sctp_sk(sk)->ep,
|
addr_asoc = sctp_endpoint_lookup_assoc(sctp_sk(sk)->ep,
|
||||||
|
|
Loading…
Reference in New Issue