From: Wei Yongjun <yjwei@cn.fujitsu.com>
Date: Sat, 22 Aug 2009 03:27:37 +0000 (+0800)
Subject: sctp: fix check the chunk length of received HEARTBEAT-ACK chunk
X-Git-Tag: v2.6.32-rc1~703^2~69
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dadb50cc1ada2906594df83d991f0bc388039bb6;p=pandora-kernel.git

sctp: fix check the chunk length of received HEARTBEAT-ACK chunk

The receiver of the HEARTBEAT should respond with a HEARTBEAT ACK
that contains the Heartbeat Information field copied from the
received HEARTBEAT chunk. So the received HEARTBEAT-ACK chunk
must have a length of:
  sizeof(sctp_chunkhdr_t) + sizeof(sctp_sender_hb_info_t)

A badly formatted HB-ACK chunk, it is possible that we may access
invalid memory.  We should really make sure that the chunk format
is what we expect, before attempting to touch the data.

Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
---

Reading git-diff-tree failed