Re: [PATCH net] sctp: Avoid out-of-bounds reads from address storage

From: Stefano Brivio Date: Wed, 23 Aug 2017 13:27:13 +0200 > inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() copy > sizeof(sockaddr_storage) bytes to fill in sockaddr structs used > to export diagnostic information to userspace. > > However, the memory allocated to store sockaddr info

Re: [PATCH net] sctp: Avoid out-of-bounds reads from address storage

On Wed, Aug 23, 2017 at 11:27 PM, Stefano Brivio wrote: > inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() copy > sizeof(sockaddr_storage) bytes to fill in sockaddr structs used > to export diagnostic information to userspace. > > However, the memory allocated to store sockaddr informati

Re: [PATCH net] sctp: Avoid out-of-bounds reads from address storage

On Wed, Aug 23, 2017 at 01:27:13PM +0200, Stefano Brivio wrote: > inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() copy > sizeof(sockaddr_storage) bytes to fill in sockaddr structs used > to export diagnostic information to userspace. > > However, the memory allocated to store sockaddr i

[PATCH net] sctp: Avoid out-of-bounds reads from address storage

inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() copy sizeof(sockaddr_storage) bytes to fill in sockaddr structs used to export diagnostic information to userspace. However, the memory allocated to store sockaddr information is smaller than that and depends on the address family, so we l