From cb243a1a9fef4aaff262a5dd14f987070d37229b Mon Sep 17 00:00:00 2001 From: Wei Yongjun Date: Mon, 6 Aug 2007 13:55:58 +0800 Subject: SCTP: Fix to handle invalid parameter length correctly If an INIT with invalid parameter length look like this: Parameter Type : 1 Parameter Length: 800 and not contain any payload, SCTP will ignore this parameter and send back a INIT-ACK. This patch is fix to handle this invalid parameter length correctly. Signed-off-by: Wei Yongjun Signed-off-by: Vlad Yasevich --- net/sctp/sm_make_chunk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net') diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index adc5e5934728..79856c924525 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c @@ -1833,7 +1833,7 @@ int sctp_verify_init(const struct sctp_association *asoc, * VIOLATION error. We build the ERROR chunk here and let the normal * error handling code build and send the packet. */ - if (param.v < (void*)chunk->chunk_end - sizeof(sctp_paramhdr_t)) { + if (param.v != (void*)chunk->chunk_end) { sctp_process_inv_paramlength(asoc, param.p, chunk, errp); return 0; } -- cgit v1.2.1