t_msgsnd: Use msgsnd()'s msgsz argument correctly to avoid overflow
msgsnd's msgsz argument is the size of the message following the 'long' message type. Don't include the message type in the size of the message when invoking msgsnd(2). Reported by: Coverity CID: 1368712 Sponsored by: Dell EMC Isilon
This commit is contained in:
parent
34a1b5b258
commit
ebf1bc1768
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=316179
@ -234,7 +234,7 @@ ATF_TC_BODY(msgsnd_nonblock, tc)
|
||||
for (;;) {
|
||||
|
||||
errno = 0;
|
||||
rv = msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT);
|
||||
rv = msgsnd(id, &msg, sizeof(msg.buf), IPC_NOWAIT);
|
||||
|
||||
if (rv == -1 && errno == EAGAIN)
|
||||
_exit(EXIT_SUCCESS);
|
||||
|
Loading…
Reference in New Issue
Block a user