From a4d40cb502558c27c82303bb98aedc2dd8d6a888 Mon Sep 17 00:00:00 2001
From: Taylor Brandstetter <deadbeef@webrtc.org>
Date: Wed, 7 Sep 2016 10:05:21 -0700
Subject: [PATCH] Fixing stack buffer overflow (read) in SctpDataEngine.

Was using the wrong size when memcpy'ing a sockaddr_conn.

BUG=chromium:642638
TBR=pthatcher@webrtc.org

Review URL: https://codereview.webrtc.org/2318653003 .

Cr-Commit-Position: refs/heads/master@{#14111}
---
 webrtc/media/sctp/sctpdataengine.cc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/webrtc/media/sctp/sctpdataengine.cc b/webrtc/media/sctp/sctpdataengine.cc
index 2d8d48eee3..a724b2af69 100644
--- a/webrtc/media/sctp/sctpdataengine.cc
+++ b/webrtc/media/sctp/sctpdataengine.cc
@@ -550,8 +550,7 @@ bool SctpDataMediaChannel::Connect() {
   // Set the MTU and disable MTU discovery.
   // We can only do this after usrsctp_connect or it has no effect.
   sctp_paddrparams params = {{0}};
-  memcpy(reinterpret_cast<sockaddr*>(&params.spp_address),
-         reinterpret_cast<sockaddr*>(&remote_sconn), sizeof(sockaddr));
+  memcpy(&params.spp_address, &remote_sconn, sizeof(remote_sconn));
   params.spp_flags = SPP_PMTUD_DISABLE;
   params.spp_pathmtu = kSctpMtu;
   if (usrsctp_setsockopt(sock_, IPPROTO_SCTP, SCTP_PEER_ADDR_PARAMS, &params,