From: Xin Long <lucien....@gmail.com>
Date: Fri, 14 Jul 2017 22:07:33 +0800
> Marcelo noticed an array overflow caused by commit c28445c3cb07
> ("sctp: add reconf_enable in asoc ep and netns"), in which sctp
> would add SCTP_CID_RECONF into extensions when reconf_enable is
> set in sctp_make_init and sctp_make_init_ack.
>
> Then now when all ext chunks are set, 4 ext chunk ids can be put
> into extensions array while extensions array size is 3. It would
> cause a kernel panic because of this overflow.
>
> This patch is to fix it by defining extensions array size is 4 in
> both sctp_make_init and sctp_make_init_ack.
>
> Fixes: c28445c3cb07 ("sctp: add reconf_enable in asoc ep and netns")
> Signed-off-by: Xin Long <lucien....@gmail.com>
Applied and queued up for -stable, thanks.
