git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Xin Long <lucien.xin@gmail.com>
	Wed, 26 Jun 2019 08:31:39 +0000 (16:31 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sun, 28 Jul 2019 06:28:31 +0000 (08:28 +0200)
commit	066992c6328c637384f82a6832016a21fcd3a089
tree	e5501e93a32236988b70bd60a72a132d9288bddd	tree
parent	2a8e1d0c9646f78fdd0f00e2eadf8210bbf810a7	commit \| diff

sctp: not bind the socket in sctp_connect

[ Upstream commit 9b6c08878e23adb7cc84bdca94d8a944b03f099e ]

Now when sctp_connect() is called with a wrong sa_family, it binds
to a port but doesn't set bp->port, then sctp_get_af_specific will
return NULL and sctp_connect() returns -EINVAL.

Then if sctp_bind() is called to bind to another port, the last
port it has bound will leak due to bp->port is NULL by then.

sctp_connect() doesn't need to bind ports, as later __sctp_connect
will do it if bp->port is NULL. So remove it from sctp_connect().
While at it, remove the unnecessary sockaddr.sa_family len check
as it's already done in sctp_inet_connect.

Fixes: 644fbdeacf1d ("sctp: fix the issue that flags are ignored when using kernel_connect")
Reported-by: syzbot+079bf326b38072f849d9@syzkaller.appspotmail.com
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>