Package: libsctp1
Version: 1.0.19+dfsg-2
Severity: normal
File: /usr/lib/x86_64-linux-gnu/libsctp.so.1.0.19
X-Debbugs-Cc: [email protected]
Dear Maintainer,
-- Description:
Problem concerns sctp_sendv() function when using SCTP_SENDV_SPA infotype.
More precisely, let's consider the following program:
+++++
#include <stddef.h>
#include <string.h>
#include <netinet/in.h>
#include <netinet/sctp.h>
#include <arpa/inet.h>
int
main(void)
{
int sock;
struct sockaddr_in addr;
struct sctp_sendv_spa spa;
struct iovec iov = {
.iov_base = "data",
.iov_len = 4
};
sock = socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP);
addr.sin_family = AF_INET;
addr.sin_port = htons(20000);
addr.sin_addr.s_addr = inet_addr("127.0.0.1");
connect(sock, (struct sockaddr *) &addr, sizeof(addr));
memset(&spa, 0, sizeof(spa));
spa.sendv_flags = SCTP_SEND_SNDINFO_VALID | SCTP_SEND_PRINFO_VALID |
SCTP_SEND_AUTHINFO_VALID;
sctp_sendv(sock, &iov, 1, NULL, 0, &spa, sizeof(spa), SCTP_SENDV_SPA, 0);
return 0;
}
+++++
Compile this program:
$ gcc -Wall e.c -o e -lsctp
If you execute the program, a fatal error is raised:
$ ./e
** stack smashing detected ***: terminated
Important note: this error occurs ONLY if the 3 flags are present in field
sendv_flags. If only one or two (no matter which flag(s)) are present in field
sendv_flags, execution produces no error.
Best regards,
Yves Legrandgérard
-- System Information:
Debian Release: 12.12
APT prefers oldstable-security
APT policy: (500, 'oldstable-security'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-41-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libsctp1:amd64 depends on:
ii libc6 2.36-9+deb12u13
libsctp1:amd64 recommends no packages.
Versions of packages libsctp1:amd64 suggests:
ii lksctp-tools 1.0.19+dfsg-2
-- no debconf information
