projects / openwrt / staging / blogic.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 47063d6)
fix breakage in sctp getsockopt
authorAl Viro <viro@ftp.linux.org.uk>
Sun, 14 Oct 2007 18:21:20 +0000 (19:21 +0100)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Sun, 14 Oct 2007 19:41:51 +0000 (12:41 -0700)
copy_to_user() into on-stack array

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
net/sctp/socket.c patch | blob | history

diff --git a/net/sctp/socket.c b/net/sctp/socket.c
index 9c6a4b5f6264639724c52717d0e84c75129ed747..bd6f42a15a4b9d85336396ef680d7bec78912986 100644 (file)
--- a/net/sctp/socket.c
+++ b/net/sctp/socket.c
@@ -5058,6 +5058,7 @@ static int sctp_getsockopt_active_key(struct sock *sk, int len,
 static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
                                    char __user *optval, int __user *optlen)
 {
+       struct sctp_authchunks __user *p = (void __user *)optval;
        struct sctp_authchunks val;
        struct sctp_association *asoc;
        struct sctp_chunks_param *ch;
@@ -5066,10 +5067,10 @@ static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
        if (len <= sizeof(struct sctp_authchunks))
                return -EINVAL;
 
-       if (copy_from_user(&val, optval, sizeof(struct sctp_authchunks)))
+       if (copy_from_user(&val, p, sizeof(struct sctp_authchunks)))
                return -EFAULT;
 
-       to = val.gauth_chunks;
+       to = p->gauth_chunks;
        asoc = sctp_id2assoc(sk, val.gauth_assoc_id);
        if (!asoc)
                return -EINVAL;
@@ -5092,6 +5093,7 @@ static int sctp_getsockopt_peer_auth_chunks(struct sock *sk, int len,
 static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
                                    char __user *optval, int __user *optlen)
 {
+       struct sctp_authchunks __user *p = (void __user *)optval;
        struct sctp_authchunks val;
        struct sctp_association *asoc;
        struct sctp_chunks_param *ch;
@@ -5100,10 +5102,10 @@ static int sctp_getsockopt_local_auth_chunks(struct sock *sk, int len,
        if (len <= sizeof(struct sctp_authchunks))
                return -EINVAL;
 
-       if (copy_from_user(&val, optval, sizeof(struct sctp_authchunks)))
+       if (copy_from_user(&val, p, sizeof(struct sctp_authchunks)))
                return -EFAULT;
 
-       to = val.gauth_chunks;
+       to = p->gauth_chunks;
        asoc = sctp_id2assoc(sk, val.gauth_assoc_id);
        if (!asoc && val.gauth_assoc_id && sctp_style(sk, UDP))
                return -EINVAL;
John Crispins staging tree