[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 1/1] linux-user: NETLINK_LIST_MEMBERSHIPS: Allow bad ptr if its le
From: |
Laurent Vivier |
Subject: |
[PULL 1/1] linux-user: NETLINK_LIST_MEMBERSHIPS: Allow bad ptr if its length is 0 |
Date: |
Tue, 30 Mar 2021 16:38:46 +0200 |
From: Frédéric Fortier <frf@ghgsat.com>
getsockopt(fd, SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS, *optval, *optlen)
syscall allows optval to be NULL/invalid if optlen points to a size of
zero. This allows userspace to query the length of the array they should
use to get the full membership list before allocating memory for said
list, then re-calling getsockopt with proper optval/optlen arguments.
Notable users of this pattern include systemd-networkd, which in the
(albeit old) version 237 tested, cannot start without this fix.
Signed-off-by: Frédéric Fortier <frf@ghgsat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210328180135.88449-1-frf@ghgsat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
linux-user/syscall.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 294779c86f4d..95d79ddc437a 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3025,7 +3025,7 @@ get_timeout:
return -TARGET_EINVAL;
}
results = lock_user(VERIFY_WRITE, optval_addr, len, 1);
- if (!results) {
+ if (!results && len > 0) {
return -TARGET_EFAULT;
}
lv = len;
--
2.30.2