BIO_new_dgram_sctp, dgram_sctp_read: zero entire authchunks

Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c
index 9c0950191b9e049f42b63645c237368b814db195..821320ae237ae11445a34ad3e875fc5a43b613d5 100644 (file)
--- a/crypto/bio/bss_dgram.c
+++ b/crypto/bio/bss_dgram.c
@@ -951,7 +951,7 @@ BIO *BIO_new_dgram_sctp(int fd, int close_flag)
         * already, otherwise the connected socket won't use it. */
        sockopt_len = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
        authchunks = OPENSSL_malloc(sockopt_len);
         * already, otherwise the connected socket won't use it. */
        sockopt_len = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
        authchunks = OPENSSL_malloc(sockopt_len);

-       memset(authchunks, 0, sizeof(sockopt_len));
+       memset(authchunks, 0, sockopt_len);

        ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
        OPENSSL_assert(ret >= 0);
 
        ret = getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks, &sockopt_len);
        OPENSSL_assert(ret >= 0);
 


@@ -1241,7 +1241,7 @@ static int dgram_sctp_read(BIO *b, char *out, int outl)
 
                        optlen = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
                        authchunks = OPENSSL_malloc(optlen);
 
                        optlen = (socklen_t)(sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
                        authchunks = OPENSSL_malloc(optlen);

-                       memset(authchunks, 0, sizeof(optlen));
+                       memset(authchunks, 0, optlen);

                        ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
                        OPENSSL_assert(ii >= 0);
 
                        ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS, authchunks, &optlen);
                        OPENSSL_assert(ii >= 0);