No ABORT is sent on reception of a DATA chunk which is too short

[tuexen]

The problem can be triggered by the following packetdrill script:

// Create a non-blocking 1-to-1 style socket
 0.0 socket(..., SOCK_STREAM, IPPROTO_SCTP) = 3
+0.0 fcntl(3, F_GETFL) = 0x02 (flags O_RDWR)
+0.0 fcntl(3, F_SETFL, O_RDWR | O_NONBLOCK) = 0
+0.0 setsockopt(3, IPPROTO_SCTP, SCTP_RTOINFO, {srto_initial=100, srto_max=800, srto_min=100}, 16) = 0
// Trigger the active associtation setup
+0.1 connect(3, ..., ...) = -1 EINPROGRESS (Operation now in progress)
+0.0 > sctp: INIT[flgs=0, tag=1, a_rwnd=..., os=..., is=..., tsn=1, ...]
+0.0 < sctp: INIT_ACK[flgs=0, tag=2, a_rwnd=1500, os=1, is=1, tsn=1, STATE_COOKIE[len=4, val=...]]
+0.0 > sctp: COOKIE_ECHO[flgs=0, len=4, val=...]
+0.0 < sctp: COOKIE_ACK[flgs=0]
// Check if the setup was sucessful
+0.0 getsockopt(3, SOL_SOCKET, SO_ERROR, [0], [4]) = 0
// Inject a too short DATA chunk (len can be 4..15)
+0.0 < sctp: CHUNK[type=0x00, flgs=0x00, len=4, val=[]]
+0.0 > sctp: ABORT[flgs=0x00, PROTOCOL_VIOLATION[info="DATA chunk of length 4"]]