svn commit: r223697 - head/sys/netinet

[Michael Tuexen]

Author: tuexen
Date: Thu Jun 30 16:56:55 2011
New Revision: 223697
URL: http://svn.freebsd.org/changeset/base/223697

Log:
  Add the missing sca_keylength field to the sctp_authkey structure,
  which is used the the SCTP_AUTH_KEY socket option.
  
  MFC after: 1 month.

Modified:
  head/sys/netinet/sctp_uio.h
  head/sys/netinet/sctp_usrreq.c

Modified: head/sys/netinet/sctp_uio.h
==============================================================================
--- head/sys/netinet/sctp_uio.h	Thu Jun 30 16:13:00 2011	(r223696)
+++ head/sys/netinet/sctp_uio.h	Thu Jun 30 16:56:55 2011	(r223697)
@@ -591,6 +591,7 @@ struct sctp_authchunk {
 struct sctp_authkey {
 	sctp_assoc_t sca_assoc_id;
 	uint16_t sca_keynumber;
+	uint16_t sca_keylength;
 	uint8_t sca_key[];
 };
 

Modified: head/sys/netinet/sctp_usrreq.c
==============================================================================
--- head/sys/netinet/sctp_usrreq.c	Thu Jun 30 16:13:00 2011	(r223696)
+++ head/sys/netinet/sctp_usrreq.c	Thu Jun 30 16:56:55 2011	(r223697)
@@ -3571,8 +3571,18 @@ sctp_setopt(struct socket *so, int optna
 			size_t size;
 
 			SCTP_CHECK_AND_CAST(sca, optval, struct sctp_authkey, optsize);
+			if (sca->sca_keylength == 0) {
+				size = optsize - sizeof(struct sctp_authkey);
+			} else {
+				if (sca->sca_keylength + sizeof(struct sctp_authkey) <= optsize) {
+					size = sca->sca_keylength;
+				} else {
+					SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL);
+					error = EINVAL;
+					break;
+				}
+			}
 			SCTP_FIND_STCB(inp, stcb, sca->sca_assoc_id);
-			size = optsize - sizeof(struct sctp_authkey);
 
 			if (stcb) {
 				shared_keys = &stcb->asoc.shared_keys;