summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--net/sctp/auth.c21
1 files changed, 12 insertions, 9 deletions
diff --git a/net/sctp/auth.c b/net/sctp/auth.c
index 159b9bc5d63..94a12de5869 100644
--- a/net/sctp/auth.c
+++ b/net/sctp/auth.c
@@ -200,10 +200,14 @@ static struct sctp_auth_bytes *sctp_auth_make_key_vector(
struct sctp_auth_bytes *new;
__u32 len;
__u32 offset = 0;
+ __u16 random_len, hmacs_len, chunks_len = 0;
- len = ntohs(random->param_hdr.length) + ntohs(hmacs->param_hdr.length);
- if (chunks)
- len += ntohs(chunks->param_hdr.length);
+ random_len = ntohs(random->param_hdr.length);
+ hmacs_len = ntohs(hmacs->param_hdr.length);
+ if (chunks)
+ chunks_len = ntohs(chunks->param_hdr.length);
+
+ len = random_len + hmacs_len + chunks_len;
new = kmalloc(sizeof(struct sctp_auth_bytes) + len, gfp);
if (!new)
@@ -211,16 +215,15 @@ static struct sctp_auth_bytes *sctp_auth_make_key_vector(
new->len = len;
- memcpy(new->data, random, ntohs(random->param_hdr.length));
- offset += ntohs(random->param_hdr.length);
+ memcpy(new->data, random, random_len);
+ offset += random_len;
if (chunks) {
- memcpy(new->data + offset, chunks,
- ntohs(chunks->param_hdr.length));
- offset += ntohs(chunks->param_hdr.length);
+ memcpy(new->data + offset, chunks, chunks_len);
+ offset += chunks_len;
}
- memcpy(new->data + offset, hmacs, ntohs(hmacs->param_hdr.length));
+ memcpy(new->data + offset, hmacs, hmacs_len);
return new;
}