diff options
| author |   YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> | 2008-05-29 19:55:05 +0900 |
|---|---|---|
| committer | YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> | 2008-06-05 04:02:30 +0900 |
| commit | e51171019bb0e1f9fb57c25bd2e38ce652eaea27 (patch) | |
| tree | 6adf7c9e23c54de5a2b361c8e59d692a29e7541e /net/sctp/ipv6.c | |
| parent | ax25: Fix NULL pointer dereference and lockup. (diff) | |
| download | linux-dev-e51171019bb0e1f9fb57c25bd2e38ce652eaea27.tar.xz linux-dev-e51171019bb0e1f9fb57c25bd2e38ce652eaea27.zip | |
[SCTP]: Fix NULL dereference of asoc.
Commit 7cbca67c073263c179f605bdbbdc565ab29d801d ("[IPV6]: Support
Source Address Selection API (RFC5014)") introduced NULL dereference
of asoc to sctp_v6_get_saddr in net/sctp/ipv6.c.
Pointed out by Johann Felix Soden <johfel@users.sourceforge.net>.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Diffstat (limited to 'net/sctp/ipv6.c')
| -rw-r--r-- | net/sctp/ipv6.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c index e45e44c60635..e4aac3266fcd 100644 --- a/net/sctp/ipv6.c +++ b/net/sctp/ipv6.c @@ -299,7 +299,8 @@ static inline int sctp_v6_addr_match_len(union sctp_addr *s1, /* Fills in the source address(saddr) based on the destination address(daddr) * and asoc's bind address list. */ -static void sctp_v6_get_saddr(struct sctp_association *asoc, +static void sctp_v6_get_saddr(struct sctp_sock *sk, + struct sctp_association *asoc, struct dst_entry *dst, union sctp_addr *daddr, union sctp_addr *saddr) @@ -318,7 +319,7 @@ static void sctp_v6_get_saddr(struct sctp_association *asoc, if (!asoc) { ipv6_dev_get_saddr(dst ? ip6_dst_idev(dst)->dev : NULL, &daddr->v6.sin6_addr, - inet6_sk(asoc->base.sk)->srcprefs, + inet6_sk(&sk->inet.sk)->srcprefs, &saddr->v6.sin6_addr); SCTP_DEBUG_PRINTK("saddr from ipv6_get_saddr: " NIP6_FMT "\n", NIP6(saddr->v6.sin6_addr)); |