On 24.03.21 23:19, Richard Weinberger wrote:
Oliver,
----- Ursprüngliche Mail -----
@@ -808,10 +810,13 @@ static int raw_recvmsg(struct socket *sock, struct msghdr
*msg, size_t size,
int noblock;
noblock = flags & MSG_DONTWAIT;
flags &= ~MSG_DONTWAIT;
+ if (msg->msg_name && msg->msg_namelen < RAW_MIN_NAMELEN)
+ return -EINVAL;
+
Like with Kurt's patch, my test fails here too because msg->msg_namelen is 0.
->msg_namelen is always 0 in the recvfrom() case.
Agreed!
I just adopted that part and did no more testing yesterday (needed some
sleep).
E.g. 'candump any' also fails at CAN frame reception time due to this
wrong check ;-)
Will send an update soon.
Regards,
Oliver
