Package: libc0.3
Version: 2.23-4
Severity: normal
Tags: patch upstream
Control: forwarded -1 https://sourceware.org/bugzilla/show_bug.cgi?id=20444

Dear Maintainer,

When using recvmsg on a PF_LOCAL socket, if msg_name and msg_namelen
are set, the process receives SIGLOST. This is due to glibc's recvmsg
implementation assuming that the peer address returned by __socket_recv
is always valid, when in fact that function returns MACH_PORT_NULL when
used in combination with PF_LOCAL sockets. Passing that to
__socket_whatis_address will generate SIGLOST.

recvfrom is not affected; it already checks for MACH_PORT_NULL.

I've attached a patch that fixes that issue for me, adding a check in
the same way recvfrom does it currently.

I've also reported this issue upstream:
https://sourceware.org/bugzilla/show_bug.cgi?id=20444

I've also forwarded this patch to the bug-hurd and debian-hurd mailing
lists:
https://lists.debian.org/debian-hurd/2016/08/msg00010.html
https://lists.gnu.org/archive/html/bug-hurd/2016-08/msg00012.html

Regards,
Christian

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: hurd-i386 (i686-AT386)

Kernel: GNU-Mach 1.7+git20160607-486/Hurd-0.8
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to C.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libc0.3 depends on:
ii  hurd-libs0.3  1:0.8.git20160522-4+b1
ii  libgcc1       1:6.1.1-9

libc0.3 recommends no packages.

Versions of packages libc0.3 suggests:
ii  debconf [debconf-2.0]  1.5.59
pn  glibc-doc              <none>
pn  libc-l10n              <none>

-- debconf information excluded
Description: [hurd] recvmsg: don't try to resolve invalid address
 Hurd's PF_LOCAL implementation doesn't return an address when calling
 __recv. recvmsg wasn't catching that and tried to call
 __socket_whatis_address on MACH_PORT_NULL, causing Hurd to send
 SIGLOST to the process. Properly handle this, analogously to how
 recvfrom does it.
Author: Christian Seiler <christ...@iwakd.de>
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=20444
Last-Update: 2016-08-05
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/sysdeps/mach/hurd/recvmsg.c
+++ b/sysdeps/mach/hurd/recvmsg.c
@@ -202,7 +202,7 @@ __libc_recvmsg (int fd, struct msghdr *m
 					       &message->msg_flags, amount)))
     return __hurd_sockfail (fd, flags, err);
 
-  if (message->msg_name != NULL)
+  if (message->msg_name != NULL && aport != MACH_PORT_NULL)
     {
       char *buf = message->msg_name;
       mach_msg_type_number_t buflen = message->msg_namelen;
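
Review bot: The new "aport != MACH_PORT_NULL" test in the if condition carries no comment saying when the receive call leaves aport null. A one-line comment that PF_LOCAL sockets return no peer address would keep a later cleanup from dropping the test. The comparison also covers only MACH_PORT_NULL; if the receive call can hand back MACH_PORT_DEAD as well, MACH_PORT_VALID (aport) would cover both cases.
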
@@ -236,6 +236,8 @@ __libc_recvmsg (int fd, struct msghdr *m
       if (buflen > 0)
 	((struct sockaddr *) message->msg_name)->sa_family = type;
     }
+  else if (message->msg_name != NULL)
+    message->msg_namelen = 0;
 
   __mach_port_deallocate (__mach_task_self (), aport);
 
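
Review bot: After the new else-if branch, the unchanged "__mach_port_deallocate (__mach_task_self (), aport);" still runs unconditionally, and this patch establishes that aport can be MACH_PORT_NULL at that point. Guard the deallocation with the same check so that a null port name is never passed to it. The two branches also both test "message->msg_name != NULL"; a single outer msg_name check with the aport test nested inside it would read more clearly and keep the msg_namelen = 0 case next to the condition that causes it.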

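A regression check for the case described in this report, added here as an example; it is not part of the attached patch or of glibc. The helper name recvmsg_peer_namelen and the "ping" payload are made up for the illustration, and it assumes the socketpair peers are unnamed, so a fixed recvmsg reports msg_namelen 0.

```c
/* Added example: regression check for recvmsg() on an unnamed PF_LOCAL socket. */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <sys/un.h>
#include <unistd.h>

/* Hypothetical helper (not from glibc): sends a constructed payload over a
   socketpair and receives it with msg_name/msg_namelen set, as in the report.
   Returns the msg_namelen recvmsg() wrote back, or -1 on error; the number of
   bytes received is stored in *received. */
int recvmsg_peer_namelen(int type, ssize_t *received)
{
    static const char payload[] = "ping";     /* constructed sample data */
    char data[16];
    struct sockaddr_un peer;
    struct iovec iov = { .iov_base = data, .iov_len = sizeof data };
    struct msghdr msg;
    int sv[2], result = -1;

    *received = -1;
    if (socketpair(PF_LOCAL, type, 0, sv) != 0)
        return -1;
    if (send(sv[0], payload, sizeof payload, 0) == (ssize_t) sizeof payload) {
        memset(&msg, 0, sizeof msg);
        msg.msg_name = &peer;                 /* the combination that triggered */
        msg.msg_namelen = sizeof peer;        /* the crash in the report        */
        msg.msg_iov = &iov;
        msg.msg_iovlen = 1;
        *received = recvmsg(sv[1], &msg, 0);
        if (*received >= 0)
            result = (int) msg.msg_namelen;   /* no peer address: expect 0 */
    }
    close(sv[0]);
    close(sv[1]);
    return result;
}

int main(void)
{
    ssize_t n;
    int len = recvmsg_peer_namelen(SOCK_DGRAM, &n);
    printf("received=%zd msg_namelen=%d\n", n, len);
    return (n == 5 && len == 0) ? 0 : 1;
}
```

On an unpatched libc0.3 the process is expected to receive SIGLOST inside recvmsg instead of returning from the helper.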