Re: 2.2.x BUG & PATCH: recvmsg() does not check msg_controllen correctly

From: David S. Miller (davem@redhat.com)
Date: Fri Nov 03 2000 - 17:18:35 EST

Next message: Josue Emmanuel Amaro: "Re: Value of TASK_UNMAPPED_SIZE on 2.4"
Previous message: Jeff Garzik: "Re: Linux 2.4 Status / TODO page (Updated as of 2.4.0-test10)"
In reply to: Philippe Troin: "2.2.x BUG & PATCH: recvmsg() does not check msg_controllen correctly"
Next in thread: Philippe Troin: "Re: 2.2.x BUG & PATCH: recvmsg() does not check msg_controllen correctly"
Reply: Philippe Troin: "Re: 2.2.x BUG & PATCH: recvmsg() does not check msg_controllen correctly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The real bug is in the setting of MSG_TRUNC (which is the only side
effect of your change). So the better fix is:

--- net/core/scm.c.~1~ Tue Jun 15 09:19:30 1999
+++ net/core/scm.c Fri Nov 3 14:18:06 2000
@@ -251,7 +251,7 @@
                         msg->msg_controllen -= cmlen;
                 }
         }
- if (i < fdnum)
+ if (i < fdnum || (fdnum && fdmax <= 0))
                 msg->msg_flags |= MSG_CTRUNC;

         /*
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Josue Emmanuel Amaro: "Re: Value of TASK_UNMAPPED_SIZE on 2.4"
Previous message: Jeff Garzik: "Re: Linux 2.4 Status / TODO page (Updated as of 2.4.0-test10)"
In reply to: Philippe Troin: "2.2.x BUG & PATCH: recvmsg() does not check msg_controllen correctly"
Next in thread: Philippe Troin: "Re: 2.2.x BUG & PATCH: recvmsg() does not check msg_controllen correctly"
Reply: Philippe Troin: "Re: 2.2.x BUG & PATCH: recvmsg() does not check msg_controllen correctly"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Nov 07 2000 - 21:00:14 EST