Unverified Commit c06633e4 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!4412 v3 Save and restore msg_namelen in sock_sendmsg 

Merge Pull Request from: @ci-robot 
 
PR sync from: Liu Jian <liujian56@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/KXVTLAWWF76TIOBK5IHOVRUAUD77VGN2/ 
v2: add cover letter
v3: fix one compile error

Jordan Rife (1):
  net: prevent rewrite of msg_name in sock_sendmsg()

Marc Dionne (1):
  net: Save and restore msg_namelen in sock_sendmsg


-- 
2.34.1
 
https://gitee.com/openeuler/kernel/issues/I90HST 
 
Link:https://gitee.com/openeuler/kernel/pulls/4412

 

Reviewed-by: default avatarYue Haibing <yuehaibing@huawei.com>
Reviewed-by: default avatarLiu YongQiang <liuyongqiang13@huawei.com>
Signed-off-by: default avatarZhang Changzhong <zhangchangzhong@huawei.com>
parents 4a112fbf 0ac2fa08

net/socket.c

+23 −4
Original line number Diff line number Diff line
@@ -653,13 +653,32 @@ static inline int sock_sendmsg_nosec(struct socket *sock, struct msghdr *msg) 
	return ret;

}



int sock_sendmsg(struct socket *sock, struct msghdr *msg)

static int __sock_sendmsg(struct socket *sock, struct msghdr *msg)

{

	int err = security_socket_sendmsg(sock, msg,

					  msg_data_left(msg));



	return err ?: sock_sendmsg_nosec(sock, msg);

}



int sock_sendmsg(struct socket *sock, struct msghdr *msg)

{

	struct sockaddr_storage *save_addr = (struct sockaddr_storage *)msg->msg_name;

	struct sockaddr_storage address;

	int save_len = msg->msg_namelen;

	int ret;



	if (msg->msg_name) {

		memcpy(&address, msg->msg_name, msg->msg_namelen);

		msg->msg_name = &address;

	}



	ret = __sock_sendmsg(sock, msg);

	msg->msg_name = save_addr;

	msg->msg_namelen = save_len;



	return ret;

}

EXPORT_SYMBOL(sock_sendmsg);



/**
@@ -963,7 +982,7 @@ static ssize_t sock_write_iter(struct kiocb *iocb, struct iov_iter *from) 
	if (sock->type == SOCK_SEQPACKET)

		msg.msg_flags |= MSG_EOR;



	res = sock_sendmsg(sock, &msg);

	res = __sock_sendmsg(sock, &msg);

	*from = msg.msg_iter;

	return res;

}
@@ -1940,7 +1959,7 @@ int __sys_sendto(int fd, void __user *buff, size_t len, unsigned int flags, 
	if (sock->file->f_flags & O_NONBLOCK)

		flags |= MSG_DONTWAIT;

	msg.msg_flags = flags;

	err = sock_sendmsg(sock, &msg);

	err = __sock_sendmsg(sock, &msg);



out_put:

	fput_light(sock->file, fput_needed);
@@ -2272,7 +2291,7 @@ static int ____sys_sendmsg(struct socket *sock, struct msghdr *msg_sys, 
		err = sock_sendmsg_nosec(sock, msg_sys);

		goto out_freectl;

	}

	err = sock_sendmsg(sock, msg_sys);

	err = __sock_sendmsg(sock, msg_sys);

	/*

	 * If this is sendmmsg() and sending to current destination address was

	 * successful, remember it.