rlb pushed a commit to branch main
in repository guile.
commit 4af6331a65af74f31585c04e70f1b8cbd320159d
Author: Michael Gran <spk...@yahoo.com>
AuthorDate: Sat Mar 8 18:42:35 2025 -0800
Fixes potential buffer overflow in getsockopt for timevals
struct timeval is a possible return value of getsockopt (e.g. SO_RCVTIMEO
and SO_SNDTIMEO), but it is not included in the scm_t_getsockopt_result
union, which may then be too small (and is on Debian amd64).
* libguile/socket.c: add struct timeval to scm_t_getsockopt union
[r...@defaultvalue.org: adjust commit message; add NEWS]
Closes: 76907
---
NEWS | 2 ++
libguile/socket.c | 3 ++-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index 551662867..394a7a78d 100644
--- a/NEWS
+++ b/NEWS
@@ -96,6 +96,8 @@ every line in a file.
** r6rs-ports.test custom ports tests should no longer fail on stray closes
Previously the custom ports weren't explicitly closed, causing
GC-related closes to produce spurious "log" events in other tests.
+** getsockopt no longer risks a buffer overrun with timestamps
+ (<https://bugs.gnu.org/76907>)
�
Changes in 3.0.10 (since 3.0.9)
diff --git a/libguile/socket.c b/libguile/socket.c
index 101afd80d..aa012c919 100644
--- a/libguile/socket.c
+++ b/libguile/socket.c
@@ -1,4 +1,4 @@
-/* Copyright 1996-1998,2000-2007,2009,2011-2015,2018,2021,2022
+/* Copyright 1996-1998,2000-2007,2009,2011-2015,2018,2021,2022,2025
Free Software Foundation, Inc.
This file is part of Guile.
@@ -454,6 +454,7 @@ typedef union
#endif
size_t size;
int integer;
+ struct timeval timeval;
} scm_t_getsockopt_result;
SCM_DEFINE (scm_getsockopt, "getsockopt", 3, 0, 0,
