Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/netinet6 Fix small read overflow; harmless, because sinc...



details:   https://anonhg.NetBSD.org/src/rev/1f2aca9dc23a
branches:  trunk
changeset: 997962:1f2aca9dc23a
user:      maxv <maxv%NetBSD.org@localhost>
date:      Wed Apr 03 19:23:38 2019 +0000

description:
Fix small read overflow; harmless, because since I removed RH0, the memory
access on IPV6_RTHDR that would normally be illegal is not needed, and GCC
automatically removes it.

diffstat:

 sys/netinet6/ip6_output.c |  6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diffs (27 lines):

diff -r 2410bb86b0ca -r 1f2aca9dc23a sys/netinet6/ip6_output.c
--- a/sys/netinet6/ip6_output.c Wed Apr 03 19:14:25 2019 +0000
+++ b/sys/netinet6/ip6_output.c Wed Apr 03 19:23:38 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip6_output.c,v 1.217 2019/02/04 10:48:46 mrg Exp $     */
+/*     $NetBSD: ip6_output.c,v 1.218 2019/04/03 19:23:38 maxv Exp $    */
 /*     $KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $    */
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.217 2019/02/04 10:48:46 mrg Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.218 2019/04/03 19:23:38 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -2772,7 +2772,7 @@
                        return (EINVAL);
 
                cm = mtod(control, struct cmsghdr *);
-               if (cm->cmsg_len == 0 || cm->cmsg_len > control->m_len)
+               if (cm->cmsg_len < CMSG_LEN(0) || cm->cmsg_len > control->m_len)
                        return (EINVAL);
                if (cm->cmsg_level != IPPROTO_IPV6)
                        continue;



Home | Main Index | Thread Index | Old Index