[PATCH 3.4 147/176] net: sctp: fix passing wrong parameter header to param_type2af in sctp_process_param

From: lizf
Date: Thu Apr 09 2015 - 04:57:42 EST

Next message: lizf: "[PATCH 3.4 152/176] Bluetooth: append new supported device to the list [0b05:17d0]"
Previous message: lizf: "[PATCH 3.4 145/176] MIPS: Fix C0_Pagegrain[IEC] support."
In reply to: lizf: "[PATCH 3.4 145/176] MIPS: Fix C0_Pagegrain[IEC] support."
Next in thread: lizf: "[PATCH 3.4 152/176] Bluetooth: append new supported device to the list [0b05:17d0]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Saran Maruti Ramanara <saran.neti@xxxxxxxxx>

3.4.107-rc1 review patch. If anyone has any objections, please let me know.

------------------

commit cfbf654efc6d78dc9812e030673b86f235bf677d upstream.

When making use of RFC5061, section 4.2.4. for setting the primary IP
address, we're passing a wrong parameter header to param_type2af(),
resulting always in NULL being returned.

At this point, param.p points to a sctp_addip_param struct, containing
a sctp_paramhdr (type = 0xc004, length = var), and crr_id as a correlation
id. Followed by that, as also presented in RFC5061 section 4.2.4., comes
the actual sctp_addr_param, which also contains a sctp_paramhdr, but
this time with the correct type SCTP_PARAM_IPV{4,6}_ADDRESS that
param_type2af() can make use of. Since we already hold a pointer to
addr_param from previous line, just reuse it for param_type2af().

Fixes: d6de3097592b ("[SCTP]: Add the handling of "Set Primary IP Address" parameter to INIT")
Signed-off-by: Saran Maruti Ramanara <saran.neti@xxxxxxxxx>
Signed-off-by: Daniel Borkmann <dborkman@xxxxxxxxxx>
Acked-by: Vlad Yasevich <vyasevich@xxxxxxxxx>
Acked-by: Neil Horman <nhorman@xxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Zefan Li <lizefan@xxxxxxxxxx>
---
net/sctp/sm_make_chunk.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 8359489..f1249b3 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -2569,7 +2569,7 @@ do_addr_param:

addr_param = param.v + sizeof(sctp_addip_param_t);

- af = sctp_get_af_specific(param_type2af(param.p->type));
+ af = sctp_get_af_specific(param_type2af(addr_param->p.type));
if (af == NULL)
break;

--
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: lizf: "[PATCH 3.4 152/176] Bluetooth: append new supported device to the list [0b05:17d0]"
Previous message: lizf: "[PATCH 3.4 145/176] MIPS: Fix C0_Pagegrain[IEC] support."
In reply to: lizf: "[PATCH 3.4 145/176] MIPS: Fix C0_Pagegrain[IEC] support."
Next in thread: lizf: "[PATCH 3.4 152/176] Bluetooth: append new supported device to the list [0b05:17d0]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]