From: Tetsuo Handa Date: Fri, 12 Apr 2019 10:53:10 +0000 (+0900) Subject: sctp: Check address length before reading address family X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=175f7c1f01d30b2088491bee4636fbf846fb76ce;p=openwrt%2Fstaging%2Fblogic.git sctp: Check address length before reading address family KMSAN will complain if valid address length passed to connect() is shorter than sizeof("struct sockaddr"->sa_family) bytes. Signed-off-by: Tetsuo Handa Acked-by: Neil Horman Signed-off-by: David S. Miller --- diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 9874e60c9b0d..4583fa914e62 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -4847,7 +4847,8 @@ static int sctp_connect(struct sock *sk, struct sockaddr *addr, } /* Validate addr_len before calling common connect/connectx routine. */ - af = sctp_get_af_specific(addr->sa_family); + af = addr_len < offsetofend(struct sockaddr, sa_family) ? NULL : + sctp_get_af_specific(addr->sa_family); if (!af || addr_len < af->sockaddr_len) { err = -EINVAL; } else {