goletsa
Gold Member | Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору $ svn diff -c293898 svn://svn.freebsd.org/base/stable/9/sys/netinet6/sctp6_usrreq.cIndex: sctp6_usrreq.c =================================================================== --- sctp6_usrreq.c (revision 293897) +++ sctp6_usrreq.c (revision 293898) @@ -393,7 +393,6 @@ * XXX: We assume that when IPV6 is non NULL, M and OFF are * valid. */ - /* check if we can safely examine src and dst ports */ struct sctp_inpcb *inp = NULL; struct sctp_tcb *stcb = NULL; struct sctp_nets *net = NULL; @@ -402,6 +401,10 @@ if (ip6cp->ip6c_m == NULL) return; + /* Check if we can safely examine the SCTP header. */ + if (ip6cp->ip6c_m->m_pkthdr.len < ip6cp->ip6c_off + sizeof(sh)) + return; + bzero(&sh, sizeof(sh)); bzero(&final, sizeof(final)); inp = NULL; |