lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Apr 2007 14:11:17 -0700 (PDT) From: David Miller <davem@...emloft.net> To: dhowells@...hat.com Cc: netdev@...r.kernel.org Subject: Re: Possible bug in netlink_recvmsg() From: David Howells <dhowells@...hat.com> Date: Fri, 13 Apr 2007 19:08:31 +0100 > AF_NETLINK sockets, however, do not do (3). See this bit in netlink_recvmsg(): > > copied = skb->len; > if (len < copied) { > msg->msg_flags |= MSG_TRUNC; > copied = len; > } > > Or is this only true if the caller of recvmsg() passes MSG_TRUNC in? See this fix in my net-2.6.22 tree: commit ad495d7b6cfcd1bc2eaf06c42699be0bb5d84234 Author: David S. Miller <davem@...set.davemloft.net> Date: Tue Mar 6 17:02:35 2007 -0800 [NETLINK]: Mirror UDP MSG_TRUNC semantics. If the user passes MSG_TRUNC in via msg_flags, return the full packet size not the truncated size. Idea from Herbert Xu and Thomas Graf. Signed-off-by: David S. Miller <davem@...emloft.net> diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index e73d8f5..b31a732 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1242,6 +1242,9 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock, scm_recv(sock, msg, siocb->scm, flags); + if (flags & MSG_TRUNC) + copied = skb->len; + out: netlink_rcv_wake(sk); return err ? : copied; - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists