Re: [PATCH] dccp sizeof correction

In article <[email protected]> (at Tue, 22 Nov 2005 11:51:31 +0100), Hagen Paul Pfeifer <[email protected]> says:

> Setsockopt in DCCP make the assumption that sizeof(int) is the same as
> sizeof(u32), that isn't correct at all. ;)

The patch is not correct.
I think we should use int for DCCP_SOCKOPT_SERVICE.

Signed-off-by: YOSHIFUJI Hideaki <[email protected]>

diff --git a/net/dccp/proto.c b/net/dccp/proto.c
index 8a6b2a9..f4299db 100644
--- a/net/dccp/proto.c
+++ b/net/dccp/proto.c
@@ -211,14 +211,21 @@ int dccp_ioctl(struct sock *sk, int cmd,
 	return -ENOIOCTLCMD;
 }
 
-static int dccp_setsockopt_service(struct sock *sk, const u32 service,
+static int dccp_setsockopt_service(struct sock *sk,
 				   char __user *optval, int optlen)
 {
+	u32 service;
 	struct dccp_sock *dp = dccp_sk(sk);
 	struct dccp_service_list *sl = NULL;
 
-	if (service == DCCP_SERVICE_INVALID_VALUE || 
-	    optlen > DCCP_SERVICE_LIST_MAX_LEN * sizeof(u32))
+	if (optlen < sizeof(u32) ||
+	    optlen > DCCP_SERCICE_LISR_MAX_LEN * sizeof(u32))
+		return -EINVAL;
+
+	if (get_user(service, (u32 __user *)optval))
+		return -EFAULT;
+
+	if (service == DCCP_SERVICE_INVALID_VALUE)
 		return -EINVAL;
 
 	if (optlen > sizeof(service)) {
@@ -256,14 +263,14 @@ int dccp_setsockopt(struct sock *sk, int
 	if (level != SOL_DCCP)
 		return ip_setsockopt(sk, level, optname, optval, optlen);
 
+	if (optname == DCCP_SOCKOPT_SERVICE)
+		return dccp_setsockopt_service(sk, optval, optlen);
+
 	if (optlen < sizeof(int))
 		return -EINVAL;
 
 	if (get_user(val, (int __user *)optval))
 		return -EFAULT;
-
-	if (optname == DCCP_SOCKOPT_SERVICE)
-		return dccp_setsockopt_service(sk, val, optval, optlen);
 
 	lock_sock(sk);
 	dp = dccp_sk(sk);

-- 
YOSHIFUJI Hideaki @ USAGI Project  <[email protected]>
GPG-FP  : 9022 65EB 1ECF 3AD1 0BDF  80D8 4807 F894 E062 0EEA
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • [PATCH] dccp sizeof correction
    • From: Hagen Paul Pfeifer <[email protected]>

• Prev by Date: Re: [RFC] Small PCI core patch
• Next by Date: Re: [PATCH 2/5] Light Fragmentation Avoidance V20: 002_usemap
• Previous by thread: [PATCH] dccp sizeof correction
• Next by thread: [PATCH] i386 No Idle Hz - aka Dynticks v051122-1
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]