nuttx/nuttx-mirror
1
2
Fork 0
mirror of https://github.com/apache/nuttx.git synced 2025-01-13 13:18:50 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions

sys/socket/scm: return NULL when cmsg_len is zero

Browse source 
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
This commit is contained in:
dongjiuzhu1 2022-11-10 16:31:01 +08:00 committed by Xiang Xiao
parent d5f729ed25
commit 5d643b3bef
1 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
include/sys/socket.h
View file

@ -348,11 +348,12 @@ static inline FAR struct cmsghdr *__cmsg_nxthdr(FAR void *__ctl,
unsigned int __size,
FAR struct cmsghdr *__cmsg)
{
FAR struct cmsghdr *__ptr;
size_t len = CMSG_ALIGN(__cmsg->cmsg_len);
FAR struct cmsghdr *__ptr =
(FAR struct cmsghdr *)(((FAR char *)__cmsg) + len);
__ptr = (FAR struct cmsghdr *)
(((FAR char *)__cmsg) + CMSG_ALIGN(__cmsg->cmsg_len));
if ((unsigned long)((FAR char *)(__ptr + 1) - (FAR char *)__ctl) > __size)
if (len < sizeof(*__cmsg) ||
(unsigned long)((FAR char *)(__ptr + 1) - (FAR char *)__ctl) > __size)
{
return NULL;
}