netdev
[Top] [All Lists]

[PATCH] Problem with recent CMSG_COMPAT_OK fix

To: "David S. Miller" <davem@xxxxxxxxxxxxx>
Subject: [PATCH] Problem with recent CMSG_COMPAT_OK fix
From: Olaf Kirch <okir@xxxxxxx>
Date: Tue, 4 Jan 2005 17:59:34 +0100
Cc: netdev@xxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6i
Hi,

The recent fixes for cmsg_len handling seem to break 32bit compatibility
at least on x86_64. The new CMSG_COMPAT_OK macro requires that cmsg_len
is greater or equal the size of struct cmsghdr, which is the 64bit
version of the struct.  The code should really check against the size
of struct compat_cmsghdr.

Signed-off-by: Olaf Kirch <okir@xxxxxxx>

--- linux-2.6.10/net/compat.c.orig      2005-01-04 13:51:49.000000000 +0100
+++ linux-2.6.10/net/compat.c   2005-01-04 16:53:38.000000000 +0100
@@ -125,7 +125,7 @@
         (struct compat_cmsghdr __user *)NULL)
 
 #define CMSG_COMPAT_OK(ucmlen, ucmsg, mhdr) \
-       ((ucmlen) >= sizeof(struct cmsghdr) && \
+       ((ucmlen) >= sizeof(struct compat_cmsghdr) && \
         (ucmlen) <= (unsigned long) \
         ((mhdr)->msg_controllen - \
          ((char *)(ucmsg) - (char *)(mhdr)->msg_control)))

-- 
Olaf Kirch     | Things that make Monday morning interesting, #2:
okir@xxxxxxx   |        "We have 8,000 NFS mount points, why do we keep
---------------+         running out of privileged ports?"

Attachment: cmsg-compat-signedness-fix-fix
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>