diff options
author | Neil Horman <nhorman@tuxdriver.com> | 2007-06-19 01:59:16 +0200 |
---|---|---|
committer | Vlad Yasevich <vladislav.yasevich@hp.com> | 2007-06-19 15:47:32 +0200 |
commit | 186e234358ba29a4094d0c8c0d3ea00f84d32a3e (patch) | |
tree | 656674d40530aac38ff79abd7be67a3ff3c5e49e /net | |
parent | SCTP: update sctp_getsockopt helpers to allow oversized buffers (diff) | |
download | linux-186e234358ba29a4094d0c8c0d3ea00f84d32a3e.tar.xz linux-186e234358ba29a4094d0c8c0d3ea00f84d32a3e.zip |
SCTP: Fix sctp_getsockopt_get_peer_addrs
This is the split out of the patch that we agreed I should split
out from my last patch. It changes space_left to be computed in the same
way the to variable is. I know we talked about changing space_left to an
int, but I think size_t is more appropriate, since we should never have
negative space in our buffer, and computing using offsetof means space_left
should now never drop below zero.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Diffstat (limited to 'net')
-rw-r--r-- | net/sctp/socket.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c index c1f239ac12b9..2fc036699d48 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4019,8 +4019,7 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, return -EINVAL; to = optval + offsetof(struct sctp_getaddrs,addrs); - space_left = len - sizeof(struct sctp_getaddrs) - - offsetof(struct sctp_getaddrs,addrs); + space_left = len - offsetof(struct sctp_getaddrs,addrs); list_for_each(pos, &asoc->peer.transport_addr_list) { from = list_entry(pos, struct sctp_transport, transports); @@ -4327,8 +4326,8 @@ static int sctp_getsockopt_local_addrs(struct sock *sk, int len, } to = optval + offsetof(struct sctp_getaddrs,addrs); - space_left = len - sizeof(struct sctp_getaddrs) - - offsetof(struct sctp_getaddrs,addrs); + space_left = len - offsetof(struct sctp_getaddrs,addrs); + addrs = kmalloc(space_left, GFP_KERNEL); if (!addrs) return -ENOMEM; |