Module Name: src
Committed By: riastradh
Date: Sat Mar 12 16:06:15 UTC 2022
Modified Files:
src/sys/kern: uipc_socket.c
Log Message:
kern: m_copym(M_DONTWAIT) can fail; handle that case gracefully.
Not sure if this should truncate the result or just fail with nonzero
error code (ENOBUFS?). Feel free to change this the other way if you
know better!
Reported-by: syzbot+54c34f25d1e4124eb...@syzkaller.appspotmail.com
To generate a diff of this commit:
cvs rdiff -u -r1.300 -r1.301 src/sys/kern/uipc_socket.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/uipc_socket.c
diff -u src/sys/kern/uipc_socket.c:1.300 src/sys/kern/uipc_socket.c:1.301
--- src/sys/kern/uipc_socket.c:1.300 Sat Oct 23 01:28:33 2021
+++ src/sys/kern/uipc_socket.c Sat Mar 12 16:06:15 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: uipc_socket.c,v 1.300 2021/10/23 01:28:33 thorpej Exp $ */
+/* $NetBSD: uipc_socket.c,v 1.301 2022/03/12 16:06:15 riastradh Exp $ */
/*
* Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc.
@@ -71,7 +71,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.300 2021/10/23 01:28:33 thorpej Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.301 2022/03/12 16:06:15 riastradh Exp $");
#ifdef _KERNEL_OPT
#include "opt_compat_netbsd.h"
@@ -1367,7 +1367,8 @@ dontblock:
if (flags & MSG_PEEK) {
if (controlp != NULL) {
*controlp = m_copym(m, 0, m->m_len, M_DONTWAIT);
- controlp = &(*controlp)->m_next;
+ controlp = (*controlp == NULL ? NULL :
+ &(*controlp)->m_next);
}
m = m->m_next;
} else {
