linux-user: Fix length calculations in host_to_target_cmsg()

[Qemu-devel] [PATCH 0/2] linux-user: Fix length calculations in host_to_target_cmsg()

Peter Maydell posted 2 patches 6 years, 4 months ago

Download series mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/1513345976-22958-1-git-send-email-peter.maydell@linaro.org

Test checkpatch passed

Test docker passed

Test ppc passed

Test s390x passed

linux-user/syscall_defs.h |  6 +++---
linux-user/syscall.c      | 33 ++++++++++++++++++++++++---------
2 files changed, 27 insertions(+), 12 deletions(-)

Expand all Fold all

[Qemu-devel] [PATCH 0/2] linux-user: Fix length calculations in host_to_target_cmsg()

Posted by Peter Maydell 6 years, 4 months ago

This patchset fixes this bug:
https://bugs.launchpad.net/qemu/+bug/1701808

where we were getting our message length calculations in
host_to_target_cmsg() wrong and could thus overwrite the end of the
guest buffer when we tried to fill it with the results of a
recvmsg().

Patch 1 is the bugfix; patch 2 is a minor cleanup which removes some
unnecessary and confusing alignment arithmetic and brings us into
alignment with what the kernel currently does.

thanks
-- PMM

Peter Maydell (2):
  linux-user: Fix length calculations in host_to_target_cmsg()
  linux-user: Don't use CMSG_ALIGN(sizeof struct cmsghdr)

 linux-user/syscall_defs.h |  6 +++---
 linux-user/syscall.c      | 33 ++++++++++++++++++++++++---------
 2 files changed, 27 insertions(+), 12 deletions(-)

-- 
2.7.4