diff options
| author | Frédéric Fortier | 2021-03-28 20:01:35 +0200 |
|---|---|---|
| committer | Laurent Vivier | 2021-03-29 21:56:18 +0200 |
| commit | 13e340c886679fb17df02a35e7d82cb8beb6e9f4 (patch) | |
| tree | 8ed216ec42b40f3aeeb7fdb2d5f7bc24909ecfde /linux-user/syscall.c | |
| parent | Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-re... (diff) | |
| download | qemu-13e340c886679fb17df02a35e7d82cb8beb6e9f4.tar.gz qemu-13e340c886679fb17df02a35e7d82cb8beb6e9f4.tar.xz qemu-13e340c886679fb17df02a35e7d82cb8beb6e9f4.zip | |
linux-user: NETLINK_LIST_MEMBERSHIPS: Allow bad ptr if its length is 0
getsockopt(fd, SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS, *optval, *optlen)
syscall allows optval to be NULL/invalid if optlen points to a size of
zero. This allows userspace to query the length of the array they should
use to get the full membership list before allocating memory for said
list, then re-calling getsockopt with proper optval/optlen arguments.
Notable users of this pattern include systemd-networkd, which in the
(albeit old) version 237 tested, cannot start without this fix.
Signed-off-by: Frédéric Fortier <frf@ghgsat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210328180135.88449-1-frf@ghgsat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Diffstat (limited to 'linux-user/syscall.c')
| -rw-r--r-- | linux-user/syscall.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 294779c86f..95d79ddc43 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -3025,7 +3025,7 @@ get_timeout: return -TARGET_EINVAL; } results = lock_user(VERIFY_WRITE, optval_addr, len, 1); - if (!results) { + if (!results && len > 0) { return -TARGET_EFAULT; } lv = len; |