Fix up a missed null pointer check in the asconf code. If we don't find a local address, but we pass in an address length of more than 1, we may dereference a NULL laddr pointer. Currently this can't happen, as the only users of the function pass in the value 1 as the addrcnt parameter, but its not a hot path, and it doesn't hurt to check for NULL should that ever be the case Signed-off-by: Neil Horman <nhorman@xxxxxxxxxxxxx> CC: Vlad Yasevich <vyasevich@xxxxxxxxx> CC: "David S. Miller" <davem@xxxxxxxxxxxxx> CC: Dan Carpenter <dan.carpenter@xxxxxxxxxx> --- net/sctp/socket.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/sctp/socket.c b/net/sctp/socket.c index cedd9bf..75ebde9 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -820,6 +820,9 @@ static int sctp_send_asconf_del_ip(struct sock *sk, goto skip_mkasconf; } + if (laddr == NULL) + return -EINVAL; + /* We do not need RCU protection throughout this loop * because this is done under a socket lock from the * setsockopt call. -- 1.7.11.7 -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
