From: Colin King
Date: Fri, 20 Jan 2017 13:01:57 +
> From: Colin Ian King
>
> The comparison on the timeout can lead to an array overrun
> read on sctp_timer_tbl because of an off-by-one error. Fix
> this by using < instead of <= and also compare to the array
> size rather than SCTP_EVENT_T
On Fri, Jan 20, 2017 at 01:15:18PM +, Colin Ian King wrote:
> On 20/01/17 13:10, Marcelo Ricardo Leitner wrote:
> > On Fri, Jan 20, 2017 at 01:01:57PM +, Colin King wrote:
> >> From: Colin Ian King
> >>
> >> The comparison on the timeout can lead to an array overrun
> >> read on sctp_timer
On 20/01/17 13:10, Marcelo Ricardo Leitner wrote:
> On Fri, Jan 20, 2017 at 01:01:57PM +, Colin King wrote:
>> From: Colin Ian King
>>
>> The comparison on the timeout can lead to an array overrun
>> read on sctp_timer_tbl because of an off-by-one error. Fix
>> this by using < instead of <= an
On Fri, Jan 20, 2017 at 01:01:57PM +, Colin King wrote:
> From: Colin Ian King
>
> The comparison on the timeout can lead to an array overrun
> read on sctp_timer_tbl because of an off-by-one error. Fix
> this by using < instead of <= and also compare to the array
> size rather than SCTP_EVEN
From: Colin Ian King
The comparison on the timeout can lead to an array overrun
read on sctp_timer_tbl because of an off-by-one error. Fix
this by using < instead of <= and also compare to the array
size rather than SCTP_EVENT_TIMEOUT_MAX.
Fixes CoverityScan CID#1397639 ("Out-of-bounds read")
S
