summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorNeil Horman <nhorman@tuxdriver.com>2007-06-19 01:59:16 +0200
committerVlad Yasevich <vladislav.yasevich@hp.com>2007-06-19 15:47:32 +0200
commit186e234358ba29a4094d0c8c0d3ea00f84d32a3e (patch)
tree656674d40530aac38ff79abd7be67a3ff3c5e49e /net
parentSCTP: update sctp_getsockopt helpers to allow oversized buffers (diff)
downloadlinux-186e234358ba29a4094d0c8c0d3ea00f84d32a3e.tar.xz
linux-186e234358ba29a4094d0c8c0d3ea00f84d32a3e.zip
SCTP: Fix sctp_getsockopt_get_peer_addrs
This is the split out of the patch that we agreed I should split out from my last patch. It changes space_left to be computed in the same way the to variable is. I know we talked about changing space_left to an int, but I think size_t is more appropriate, since we should never have negative space in our buffer, and computing using offsetof means space_left should now never drop below zero. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Diffstat (limited to 'net')
-rw-r--r--net/sctp/socket.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index c1f239ac12b9..2fc036699d48 100644
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -4019,8 +4019,7 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len,
return -EINVAL;
to = optval + offsetof(struct sctp_getaddrs,addrs);
- space_left = len - sizeof(struct sctp_getaddrs) -
- offsetof(struct sctp_getaddrs,addrs);
+ space_left = len - offsetof(struct sctp_getaddrs,addrs);
list_for_each(pos, &asoc->peer.transport_addr_list) {
from = list_entry(pos, struct sctp_transport, transports);
@@ -4327,8 +4326,8 @@ static int sctp_getsockopt_local_addrs(struct sock *sk, int len,
}
to = optval + offsetof(struct sctp_getaddrs,addrs);
- space_left = len - sizeof(struct sctp_getaddrs) -
- offsetof(struct sctp_getaddrs,addrs);
+ space_left = len - offsetof(struct sctp_getaddrs,addrs);
+
addrs = kmalloc(space_left, GFP_KERNEL);
if (!addrs)
return -ENOMEM;