| User: | Jiri Slaby |
| Error type: | Invalid Pointer Dereference |
| Error type description: | A pointer which is invalid is being dereferenced |
| File location: | net/sctp/socket.c |
| Line in file: | 1613 |
| Project: | Linux Kernel |
| Project version: | 2.6.28 |
| Tools: |
Smatch
(1.59)
|
| Entered: | 2013-09-11 08:47:26 UTC |
1583 SCTP_DEBUG_PRINTK("Aborting association: %p\n", asoc); 1584 sctp_primitive_ABORT(asoc, chunk); 1585 err = 0; 1586 goto out_unlock; 1587 } 1588 } 1589 1590 /* Do we need to create the association? */ 1591 if (!asoc) { 1592 SCTP_DEBUG_PRINTK("There is no association yet.\n"); 1593 1594 if (sinfo_flags & (SCTP_EOF | SCTP_ABORT)) { 1595 err = -EINVAL; 1596 goto out_unlock; 1597 } 1598 1599 /* Check for invalid stream against the stream counts, 1600 * either the default or the user specified stream counts. 1601 */ 1602 if (sinfo) { 1603 if (!sinit || (sinit && !sinit->sinit_num_ostreams)) { 1604 /* Check against the defaults. */ 1605 if (sinfo->sinfo_stream >= 1606 sp->initmsg.sinit_num_ostreams) { 1607 err = -EINVAL; 1608 goto out_unlock; 1609 } 1610 } else { 1611 /* Check against the requested. */ 1612 if (sinfo->sinfo_stream >= 1613 sinit->sinit_num_ostreams) { 1614 err = -EINVAL; 1615 goto out_unlock; 1616 } 1617 } 1618 } 1619 1620 /* 1621 * API 3.1.2 bind() - UDP Style Syntax 1622 * If a bind() or sctp_bindx() is not called prior to a 1623 * sendmsg() call that initiates a new association, the