提交 8ca84481 编写于 作者: A Al Viro 提交者: David S. Miller

[SCTP]: sctp_unpack_cookie() fix

sizeof(pointer) != sizeof(array)...
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 65fd28f7
......@@ -1402,14 +1402,14 @@ struct sctp_association *sctp_unpack_cookie(
sg.length = bodysize;
key = (char *)ep->secret_key[ep->current_key];
memset(digest, 0x00, sizeof(digest));
memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen, &sg,
1, digest);
if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {
/* Try the previous key. */
key = (char *)ep->secret_key[ep->last_key];
memset(digest, 0x00, sizeof(digest));
memset(digest, 0x00, SCTP_SIGNATURE_SIZE);
sctp_crypto_hmac(sctp_sk(ep->base.sk)->hmac, key, &keylen,
&sg, 1, digest);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册