| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Apr 2007 14:11:17 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: dhowells@...hat.com
Cc: netdev@...r.kernel.org
Subject: Re: Possible bug in netlink_recvmsg()
From: David Howells <dhowells@...hat.com>
Date: Fri, 13 Apr 2007 19:08:31 +0100
> AF_NETLINK sockets, however, do not do (3). See this bit in netlink_recvmsg():
>
> copied = skb->len;
> if (len < copied) {
> msg->msg_flags |= MSG_TRUNC;
> copied = len;
> }
>
> Or is this only true if the caller of recvmsg() passes MSG_TRUNC in?
See this fix in my net-2.6.22 tree:
commit ad495d7b6cfcd1bc2eaf06c42699be0bb5d84234
Author: David S. Miller <davem@...set.davemloft.net>
Date: Tue Mar 6 17:02:35 2007 -0800
[NETLINK]: Mirror UDP MSG_TRUNC semantics.
If the user passes MSG_TRUNC in via msg_flags, return
the full packet size not the truncated size.
Idea from Herbert Xu and Thomas Graf.
Signed-off-by: David S. Miller <davem@...emloft.net>
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index e73d8f5..b31a732 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1242,6 +1242,9 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
scm_recv(sock, msg, siocb->scm, flags);
+ if (flags & MSG_TRUNC)
+ copied = skb->len;
+
out:
netlink_rcv_wake(sk);
return err ? : copied;
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists