d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

linux(4): Prevent an attempt to copy an uninitialized source address.

Browse Source 
PR:			259380
MFC after:		3 days
This commit is contained in:
Dmitry Chagin 2022-04-11 23:29:45 +03:00
parent 6ca0ca7b4c
commit bb46e9b510
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
sys/compat/linux/linux_socket.c
View File

@ -1289,8 +1289,16 @@ linux_recvfrom(struct thread *td, struct linux_recvfrom_args *args)
if (error != 0)
goto out;
if (PTRIN(args->from) != NULL)
error = linux_copyout_sockaddr(sa, PTRIN(args->from), msg.msg_namelen);
/*
* XXX. Seems that FreeBSD is different from Linux here. Linux
* fill source address if underlying protocol provides it, while
* FreeBSD fill it if underlying protocol is not connection-oriented.
* So, kern_recvit() set msg.msg_namelen to 0 if protocol pr_flags
* does not contains PR_ADDR flag.
*/
if (PTRIN(args->from) != NULL && msg.msg_namelen != 0)
error = linux_copyout_sockaddr(sa, PTRIN(args->from),
msg.msg_namelen);
if (error == 0 && PTRIN(args->fromlen) != NULL)
error = copyout(&msg.msg_namelen, PTRIN(args->fromlen),