
[3/4] alloca one extra byte sockets

Message ID 1405091884-29955-4-git-send-email-Joakim.Tjernlund@transmode.se
State New

Commit Message

Joakim Tjernlund July 11, 2014, 3:18 p.m. UTC
target_to_host_sockaddr() may increase the length by 1 byte
for AF_UNIX sockets, so allocate 1 extra byte.

Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
---
 linux-user/syscall.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

Comments

Peter Maydell July 11, 2014, 5:08 p.m. UTC | #1
On 11 July 2014 16:18, Joakim Tjernlund <Joakim.Tjernlund@transmode.se> wrote:
> target_to_host_sockaddr() may increase the lenth with 1 byte
> for AF_UNIX sockets so allocate 1 extra byte.
>
> Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> ---
>  linux-user/syscall.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index a0e1ccc..8853c4e 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -1978,7 +1978,7 @@ static abi_long do_connect(int sockfd, abi_ulong target_addr,
>          return -TARGET_EINVAL;
>      }
>
> -    addr = alloca(addrlen);
> +    addr = alloca(addrlen+1);
>
>      ret = target_to_host_sockaddr(addr, target_addr, addrlen);
>      if (ret)
> @@ -1999,7 +1999,7 @@ static abi_long do_sendrecvmsg_locked(int fd, struct target_msghdr *msgp,
>
>      if (msgp->msg_name) {
>          msg.msg_namelen = tswap32(msgp->msg_namelen);
> -        msg.msg_name = alloca(msg.msg_namelen);
> +        msg.msg_name = alloca(msg.msg_namelen+1);
>          ret = target_to_host_sockaddr(msg.msg_name, tswapal(msgp->msg_name),
>                                  msg.msg_namelen);
>          if (ret) {
> @@ -2262,7 +2262,7 @@ static abi_long do_sendto(int fd, abi_ulong msg, size_t len, int flags,
>      if (!host_msg)
>          return -TARGET_EFAULT;
>      if (target_addr) {
> -        addr = alloca(addrlen);
> +        addr = alloca(addrlen+1);
>          ret = target_to_host_sockaddr(addr, target_addr, addrlen);
>          if (ret) {
>              unlock_user(host_msg, msg, 0);

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

I see we already got this right for do_bind() when the code to fiddle
with the terminator for AF_UNIX sockaddrs went in.

thanks
-- PMM
Riku Voipio July 15, 2014, 1:29 p.m. UTC | #2
On Fri, Jul 11, 2014 at 05:18:03PM +0200, Joakim Tjernlund wrote:
> target_to_host_sockaddr() may increase the lenth with 1 byte
> for AF_UNIX sockets so allocate 1 extra byte.

Thanks, applied to linux-user tree

> Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> ---
>  linux-user/syscall.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index a0e1ccc..8853c4e 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -1978,7 +1978,7 @@ static abi_long do_connect(int sockfd, abi_ulong target_addr,
>          return -TARGET_EINVAL;
>      }
>  
> -    addr = alloca(addrlen);
> +    addr = alloca(addrlen+1);
>  
>      ret = target_to_host_sockaddr(addr, target_addr, addrlen);
>      if (ret)
> @@ -1999,7 +1999,7 @@ static abi_long do_sendrecvmsg_locked(int fd, struct target_msghdr *msgp,
>  
>      if (msgp->msg_name) {
>          msg.msg_namelen = tswap32(msgp->msg_namelen);
> -        msg.msg_name = alloca(msg.msg_namelen);
> +        msg.msg_name = alloca(msg.msg_namelen+1);
>          ret = target_to_host_sockaddr(msg.msg_name, tswapal(msgp->msg_name),
>                                  msg.msg_namelen);
>          if (ret) {
> @@ -2262,7 +2262,7 @@ static abi_long do_sendto(int fd, abi_ulong msg, size_t len, int flags,
>      if (!host_msg)
>          return -TARGET_EFAULT;
>      if (target_addr) {
> -        addr = alloca(addrlen);
> +        addr = alloca(addrlen+1);
>          ret = target_to_host_sockaddr(addr, target_addr, addrlen);
>          if (ret) {
>              unlock_user(host_msg, msg, 0);
> -- 
> 1.8.5.5
>

Patch

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index a0e1ccc..8853c4e 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -1978,7 +1978,7 @@  static abi_long do_connect(int sockfd, abi_ulong target_addr,
         return -TARGET_EINVAL;
     }
 
-    addr = alloca(addrlen);
+    addr = alloca(addrlen+1);
 
     ret = target_to_host_sockaddr(addr, target_addr, addrlen);
     if (ret)
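Review bot: The `+1` in `alloca(addrlen+1)` has no explanation at the call site, and the same bare adjustment is repeated in the do_sendrecvmsg_locked and do_sendto hunks, so a later cleanup could drop it and bring back a one-byte write past the buffer. A comment on the line would record the contract, for example `/* +1: target_to_host_sockaddr() may grow an AF_UNIX address by one byte */`, with the expression spaced as `addrlen + 1`. The `return -TARGET_EINVAL;` above suggests addrlen is validated before this point, but do_connect starts outside the hunk, so that cannot be confirmed here.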
@@ -1999,7 +1999,7 @@  static abi_long do_sendrecvmsg_locked(int fd, struct target_msghdr *msgp,
 
     if (msgp->msg_name) {
         msg.msg_namelen = tswap32(msgp->msg_namelen);
-        msg.msg_name = alloca(msg.msg_namelen);
+        msg.msg_name = alloca(msg.msg_namelen+1);
         ret = target_to_host_sockaddr(msg.msg_name, tswapal(msgp->msg_name),
                                 msg.msg_namelen);
         if (ret) {
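Review bot: `msg.msg_namelen` is taken from the guest's msghdr via `tswap32()` and passed to `alloca()` with no bound visible in this hunk, so the stack allocation size is guest-controlled. A very large value can exhaust the host stack, and if the field is a 32-bit unsigned type (as socklen_t usually is) the maximum value makes `msg.msg_namelen+1` wrap to 0 while target_to_host_sockaddr() still receives the original length. A range check before the allocation, such as `if ((int)msg.msg_namelen < 0)` failing with `-TARGET_EINVAL` through the function's existing error path, would close this. The do_sendto hunk likewise shows no check on addrlen in its visible lines; both functions start outside their hunks, so a check may already exist earlier.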
@@ -2262,7 +2262,7 @@  static abi_long do_sendto(int fd, abi_ulong msg, size_t len, int flags,
     if (!host_msg)
         return -TARGET_EFAULT;
     if (target_addr) {
-        addr = alloca(addrlen);
+        addr = alloca(addrlen+1);
         ret = target_to_host_sockaddr(addr, target_addr, addrlen);
         if (ret) {
             unlock_user(host_msg, msg, 0);