This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
[PATCH] bug in sysdeps/unix/sysv/linux/cmsg_nxthdr.c
- To: GNU C Library <libc-alpha at sourceware dot cygnus dot com>
- Subject: [PATCH] bug in sysdeps/unix/sysv/linux/cmsg_nxthdr.c
- From: James Antill <james at and dot org>
- Date: 25 Feb 2001 20:31:51 -0500
- Cc: Ben Collins <bcollins at debian dot org>
There is a bug in sysdeps/unix/sysv/linux/cmsg_nxthdr.c in both
glibc-2.1.3 and glibc-2.2.2 ... the bug stops the function from
returning data for the last CMSG in the list (so you always lose one
when you have 2 or more).
The test is performing (in English)...
1. If the size of a zero length control message is equal to or greater
than the space available, fail.
2. If the size specified in the control message is equal to or greater
than the space available, fail.
However the second test is valid, and should only fail if it is
greater.
Here is the patch...
--- sysdeps/unix/sysv/linux/cmsg_nxthdr.c-orig Sun Feb 25 19:53:03 2001
+++ sysdeps/unix/sysv/linux/cmsg_nxthdr.c Sun Feb 25 19:53:27 2001
@@ -32,7 +32,7 @@
if ((unsigned char *) (cmsg + 1) >= ((unsigned char *) mhdr->msg_control
+ mhdr->msg_controllen)
|| ((unsigned char *) cmsg + CMSG_ALIGN (cmsg->cmsg_len)
- >= ((unsigned char *) mhdr->msg_control + mhdr->msg_controllen)))
+ > ((unsigned char *) mhdr->msg_control + mhdr->msg_controllen)))
/* No more entries. */
return NULL;
return cmsg;
Here is a test case...
recvmsg_example.c
Ps. Ben I've Cc'd this to you as I'd it'd be nice if my 2.2 system
had this fixed too :) :)
--
# James Antill -- james@and.org
:0:
* ^From: .*james@and\.org
/dev/null