linux-user: Use g_try_malloc() in do_msgrcv()

In do_msgrcv() we want to allocate a message buffer, whose size is passed to us by the guest. That means we could legitimately fail, so use g_try_malloc() and handle the error case, in the same way that do_msgsnd() does. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
author: Peter Maydell 2016-05-20 20:00:57 +0200
committer: Riku Voipio 2016-05-27 13:50:39 +0200
commit: 415d847110e3f8cd176160b92a5fdc56d8a20792 (patch)
tree: 863bda57c9db1d342ff1812e348464549e3e76bf /linux-user/syscall.c
parent: linux-user: Handle msgrcv error case correctly (diff)
download: qemu-415d847110e3f8cd176160b92a5fdc56d8a20792.tar.gz
qemu-415d847110e3f8cd176160b92a5fdc56d8a20792.tar.xz
qemu-415d847110e3f8cd176160b92a5fdc56d8a20792.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index cec5b80331..40e8742924 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3167,7 +3167,11 @@ static inline abi_long do_msgrcv(int msqid, abi_long msgp,
     if (!lock_user_struct(VERIFY_WRITE, target_mb, msgp, 0))
         return -TARGET_EFAULT;
 
-    host_mb = g_malloc(msgsz+sizeof(long));
+    host_mb = g_try_malloc(msgsz + sizeof(long));
+    if (!host_mb) {
+        ret = -TARGET_ENOMEM;
+        goto end;
+    }
     ret = get_errno(msgrcv(msqid, host_mb, msgsz, msgtyp, msgflg));
 
     if (ret > 0) {
author	Peter Maydell	2016-05-20 20:00:57 +0200
committer	Riku Voipio	2016-05-27 13:50:39 +0200
commit	415d847110e3f8cd176160b92a5fdc56d8a20792 (patch)
tree	863bda57c9db1d342ff1812e348464549e3e76bf /linux-user/syscall.c
parent	linux-user: Handle msgrcv error case correctly (diff)
download	qemu-415d847110e3f8cd176160b92a5fdc56d8a20792.tar.gz qemu-415d847110e3f8cd176160b92a5fdc56d8a20792.tar.xz qemu-415d847110e3f8cd176160b92a5fdc56d8a20792.zip