Page MenuHomeFreeBSD
Differential D19768

freebsd32: fix padding of computed control message length for recvmsg()
ClosedPublic
Actions

Authored by jah on Mar 30 2019, 11:21 PM.
Tags
None
Referenced Files
F106164399: D19768.id55636.diff
Thu, Dec 26, 11:03 AM
F106133326: D19768.diff
Wed, Dec 25, 11:04 PM
Unknown Object (File)
Sat, Dec 21, 4:18 PM
Unknown Object (File)
Nov 12 2024, 9:41 AM
Unknown Object (File)
Oct 30 2024, 5:32 AM
Unknown Object (File)
Oct 30 2024, 5:32 AM
Unknown Object (File)
Oct 30 2024, 5:31 AM
Unknown Object (File)
Oct 30 2024, 5:13 AM
View All 41 Files
Subscribers
imp

Details

Reviewers
markj
Commits
rS345741: freebsd32: fix padding of computed control message length for recvmsg()
Summary

Each control message region must be aligned on a 4-byte boundary on 32-bit
architectures. The 32-bit compat shim for recvmsg() gets the actual layout
right, but doesn't pad the payload length when computing msg_controllen for
the output message header. If a control message contains an unaligned
payload, such as the 1-byte TTL field in the example attached to PR 236737,
this can produce control message payload boundaries that extend beyond
the boundary reported by msg_controllen.

PR: 236737

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 23410
Build 22426: arc lint + arc unit

Revision Contents
Changeset List

PathSize
sys/
compat/
freebsd32/
4 lines

Diff 55636

View Options

sys/compat/freebsd32/freebsd32_misc.c

Loading...