Permalink
Browse files

The SA-16:19 wouldn't have happened if the sockargs() had properly typed

argument for length.  While here make it static and convert to ANSI C.

Reviewed by:	C Turt
  • Loading branch information...
glebius committed May 18, 2016
1 parent e971b15 commit 047e60c94a85e1381cd4e18c9e845ec34d5164a9
Showing with 4 additions and 10 deletions.
  1. +4 −9 sys/kern/uipc_syscalls.c
  2. +0 −1 sys/sys/socketvar.h
View
@@ -84,6 +84,7 @@ static int getsockname1(struct thread *td, struct getsockname_args *uap,
int compat);
static int getpeername1(struct thread *td, struct getpeername_args *uap,
int compat);
static int sockargs(struct mbuf **, char *, socklen_t, int);
/*
* Convert a user file descriptor to a kernel file entry and check if required
@@ -1689,19 +1690,13 @@ ogetpeername(td, uap)
}
#endif /* COMPAT_OLDSOCK */
int
sockargs(mp, buf, buflen, type)
struct mbuf **mp;
caddr_t buf;
int buflen, type;
static int
sockargs(struct mbuf **mp, char *buf, socklen_t buflen, int type)
{
struct sockaddr *sa;
struct mbuf *m;
int error;
if (buflen < 0)
return (EINVAL);
if (buflen > MLEN) {
#ifdef COMPAT_OLDSOCK
if (type == MT_SONAME && buflen <= 112)
@@ -1713,7 +1708,7 @@ sockargs(mp, buf, buflen, type)
}
m = m_get2(buflen, M_WAITOK, type, 0);
m->m_len = buflen;
error = copyin(buf, mtod(m, caddr_t), (u_int)buflen);
error = copyin(buf, mtod(m, void *), buflen);
if (error != 0)
(void) m_free(m);
else {
View
@@ -335,7 +335,6 @@ struct uio;
/*
* From uipc_socket and friends
*/
int sockargs(struct mbuf **mp, caddr_t buf, int buflen, int type);
int getsockaddr(struct sockaddr **namp, caddr_t uaddr, size_t len);
int getsock_cap(struct thread *td, int fd, cap_rights_t *rightsp,
struct file **fpp, u_int *fflagp);

0 comments on commit 047e60c

Please sign in to comment.