git: bb46e9b5107f - main - linux(4): Prevent an attempt to copy an uninitialized source address.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 11 Apr 2022 20:30:07 UTC
The branch main has been updated by dchagin: URL: https://cgit.FreeBSD.org/src/commit/?id=bb46e9b5107fd8763742f7e55b66ea2e574f5815 commit bb46e9b5107fd8763742f7e55b66ea2e574f5815 Author: Dmitry Chagin <dchagin@FreeBSD.org> AuthorDate: 2022-04-11 20:29:45 +0000 Commit: Dmitry Chagin <dchagin@FreeBSD.org> CommitDate: 2022-04-11 20:29:45 +0000 linux(4): Prevent an attempt to copy an uninitialized source address. PR: 259380 MFC after: 3 days --- sys/compat/linux/linux_socket.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/sys/compat/linux/linux_socket.c b/sys/compat/linux/linux_socket.c index 453a6621d9a7..935d07ecb7e0 100644 --- a/sys/compat/linux/linux_socket.c +++ b/sys/compat/linux/linux_socket.c @@ -1289,8 +1289,16 @@ linux_recvfrom(struct thread *td, struct linux_recvfrom_args *args) if (error != 0) goto out; - if (PTRIN(args->from) != NULL) - error = linux_copyout_sockaddr(sa, PTRIN(args->from), msg.msg_namelen); + /* + * XXX. Seems that FreeBSD is different from Linux here. Linux + * fill source address if underlying protocol provides it, while + * FreeBSD fill it if underlying protocol is not connection-oriented. + * So, kern_recvit() set msg.msg_namelen to 0 if protocol pr_flags + * does not contains PR_ADDR flag. + */ + if (PTRIN(args->from) != NULL && msg.msg_namelen != 0) + error = linux_copyout_sockaddr(sa, PTRIN(args->from), + msg.msg_namelen); if (error == 0 && PTRIN(args->fromlen) != NULL) error = copyout(&msg.msg_namelen, PTRIN(args->fromlen),