When less bytes than the header size is read, do not indicate to the caller
that the read was successful, as the caller would read uninitialized memory.
To achieve that, subtract the header size unconditionally (unless an error
was returned by sk_receive).
In addition, do not check for Ethernet type when full Ethernet header was
not read. This again may lead to reading of uninitialized memory.
Signed-off-by: Jiri Benc <jb...@redhat.com>
---
raw.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/raw.c b/raw.c
index 1bfc1bbde509..795292fab358 100644
--- a/raw.c
+++ b/raw.c
@@ -244,6 +244,11 @@ static int raw_recv(struct transport *t, int fd, void
*buf, int buflen,
cnt = sk_receive(fd, ptr, buflen, hwts, 0);
+ if (cnt >= 0)
+ cnt -= hlen;
+ if (cnt < 0)
+ return cnt;
+
if (raw->vlan) {
if (ETH_P_1588 == ntohs(hdr->type)) {
pr_notice("raw: disabling VLAN mode");
@@ -255,9 +260,6 @@ static int raw_recv(struct transport *t, int fd, void *buf,
int buflen,
raw->vlan = 1;
}
}
- if (cnt >= hlen) {
- cnt -= hlen;
- }
return cnt;
}
--
1.7.6.5
------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Linuxptp-devel mailing list
Linuxptp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linuxptp-devel
