lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 13 Apr 2007 14:11:17 -0700 (PDT)
From:	David Miller <>
Subject: Re: Possible bug in netlink_recvmsg()

From: David Howells <>
Date: Fri, 13 Apr 2007 19:08:31 +0100

> AF_NETLINK sockets, however, do not do (3).  See this bit in netlink_recvmsg():
> 	copied = skb->len;
> 	if (len < copied) {
> 		msg->msg_flags |= MSG_TRUNC;
> 		copied = len;
> 	}
> Or is this only true if the caller of recvmsg() passes MSG_TRUNC in?

See this fix in my net-2.6.22 tree:

commit ad495d7b6cfcd1bc2eaf06c42699be0bb5d84234
Author: David S. Miller <>
Date:   Tue Mar 6 17:02:35 2007 -0800

    [NETLINK]: Mirror UDP MSG_TRUNC semantics.
    If the user passes MSG_TRUNC in via msg_flags, return
    the full packet size not the truncated size.
    Idea from Herbert Xu and Thomas Graf.
    Signed-off-by: David S. Miller <>

diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index e73d8f5..b31a732 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1242,6 +1242,9 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
 	scm_recv(sock, msg, siocb->scm, flags);
+	if (flags & MSG_TRUNC)
+		copied = skb->len;
 	return err ? : copied;
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists