https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259380
--- Comment #11 from Jason Mader <[email protected]> --- (In reply to Jason Mader from comment #10) When linux_recvfrom() calls kern_recvit() the value of msg.msg_namelen is 28, and after the call it is 0. kern_recvit() source didn't change, but bsd_to_linux_sockaddr() did. Prior to FreeBSD 12.2, bsd_to_linux_sockaddr() didn't check the value of msg.msg_namelen (as len). Now it does, if (len < 2 || len > UCHAR_MAX) return (EINVAL); I am currently working around this with, --- linux_socket.c +++ linux_socket.c @@ -926,10 +926,10 @@ goto out; if (PTRIN(args->from) != NULL) { - error = bsd_to_linux_sockaddr(sa, &lsa, msg.msg_namelen); + error = bsd_to_linux_sockaddr(sa, &lsa, fromlen); if (error == 0) error = copyout(lsa, PTRIN(args->from), - msg.msg_namelen); + fromlen); free(lsa, M_SONAME); } -- You are receiving this mail because: You are the assignee for the bug.
