summaryrefslogtreecommitdiff
path: root/src/network/sendmsg.c
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2012-07-12 21:37:54 -0400
committerRich Felker <dalias@aerifal.cx>2012-07-12 21:37:54 -0400
commit96107564e2eabbc13800fe7a7d930b67216d0805 (patch)
treec46507f195ab69f3ffacfdeca118e337e097849e /src/network/sendmsg.c
parent90e123f4a810d17c6bd8c2102939f6416481427e (diff)
downloadmusl-96107564e2eabbc13800fe7a7d930b67216d0805.tar.gz
workaround another sendmsg kernel bug on 64-bit machines
the kernel wrongly expects the cmsg length field to be size_t instead of socklen_t. in order to work around the issue, we have to impose a length limit and copy to a local buffer. the length limit should be more than sufficient for any real-world use; these headers are only used for passing file descriptors and permissions between processes over unix sockets.
Diffstat (limited to 'src/network/sendmsg.c')
-rw-r--r--src/network/sendmsg.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/src/network/sendmsg.c b/src/network/sendmsg.c
index 164c28d7..5f080007 100644
--- a/src/network/sendmsg.c
+++ b/src/network/sendmsg.c
@@ -1,5 +1,7 @@
#include <sys/socket.h>
#include <limits.h>
+#include <string.h>
+#include <errno.h>
#include "syscall.h"
#include "libc.h"
@@ -7,10 +9,21 @@ ssize_t sendmsg(int fd, const struct msghdr *msg, int flags)
{
#if LONG_MAX > INT_MAX
struct msghdr h;
+ struct cmsghdr chbuf[1024/sizeof(struct cmsghdr)+1], *c;
if (msg) {
h = *msg;
h.__pad1 = h.__pad2 = 0;
msg = &h;
+ if (h.msg_controllen) {
+ if (h.msg_controllen > 1024) {
+ errno = ENOMEM;
+ return -1;
+ }
+ memcpy(chbuf, h.msg_control, h.msg_controllen);
+ h.msg_control = chbuf;
+ for (c=CMSG_FIRSTHDR(&h); c; c=CMSG_NXTHDR(&h,c))
+ c->__pad1 = 0;
+ }
}
#endif
return socketcall_cp(sendmsg, fd, msg, flags, 0, 0, 0);