On Wed, Oct 26, 2016 at 12:27 AM, Marcelo Ricardo Leitner <[email protected]> wrote: > Andrey Konovalov reported that KASAN detected that SCTP was using a slab > beyond the boundaries. It was caused because when handling out of the > blue packets in function sctp_sf_ootb() it was checking the chunk len > only after already processing the first chunk, validating only for the > 2nd and subsequent ones. > > The fix is to just move the check upwards so it's also validated for the > 1st chunk. > > Reported-by: Andrey Konovalov <[email protected]> > Tested-by: Andrey Konovalov <[email protected]> > Signed-off-by: Marcelo Ricardo Leitner <[email protected]>
Reviewed-by: Xin Long <[email protected]>
