| From foo@baz Mon Jan 13 09:39:01 PST 2014 |
| From: Florian Westphal <fw@strlen.de> |
| Date: Mon, 23 Dec 2013 00:32:31 +0100 |
| Subject: net: rose: restore old recvmsg behavior |
| |
| From: Florian Westphal <fw@strlen.de> |
| |
| [ Upstream commit f81152e35001e91997ec74a7b4e040e6ab0acccf ] |
| |
| recvmsg handler in net/rose/af_rose.c performs size-check ->msg_namelen. |
| |
| After commit f3d3342602f8bcbf37d7c46641cb9bca7618eb1c |
| (net: rework recvmsg handler msg_name and msg_namelen logic), we now |
| always take the else branch due to namelen being initialized to 0. |
| |
| Digging in netdev-vger-cvs git repo shows that msg_namelen was |
| initialized with a fixed-size since at least 1995, so the else branch |
| was never taken. |
| |
| Compile tested only. |
| |
| Signed-off-by: Florian Westphal <fw@strlen.de> |
| Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/rose/af_rose.c | 16 ++++------------ |
| 1 file changed, 4 insertions(+), 12 deletions(-) |
| |
| --- a/net/rose/af_rose.c |
| +++ b/net/rose/af_rose.c |
| @@ -1253,6 +1253,7 @@ static int rose_recvmsg(struct kiocb *io |
| |
| if (msg->msg_name) { |
| struct sockaddr_rose *srose; |
| + struct full_sockaddr_rose *full_srose = msg->msg_name; |
| |
| memset(msg->msg_name, 0, sizeof(struct full_sockaddr_rose)); |
| srose = msg->msg_name; |
| @@ -1260,18 +1261,9 @@ static int rose_recvmsg(struct kiocb *io |
| srose->srose_addr = rose->dest_addr; |
| srose->srose_call = rose->dest_call; |
| srose->srose_ndigis = rose->dest_ndigis; |
| - if (msg->msg_namelen >= sizeof(struct full_sockaddr_rose)) { |
| - struct full_sockaddr_rose *full_srose = (struct full_sockaddr_rose *)msg->msg_name; |
| - for (n = 0 ; n < rose->dest_ndigis ; n++) |
| - full_srose->srose_digis[n] = rose->dest_digis[n]; |
| - msg->msg_namelen = sizeof(struct full_sockaddr_rose); |
| - } else { |
| - if (rose->dest_ndigis >= 1) { |
| - srose->srose_ndigis = 1; |
| - srose->srose_digi = rose->dest_digis[0]; |
| - } |
| - msg->msg_namelen = sizeof(struct sockaddr_rose); |
| - } |
| + for (n = 0 ; n < rose->dest_ndigis ; n++) |
| + full_srose->srose_digis[n] = rose->dest_digis[n]; |
| + msg->msg_namelen = sizeof(struct full_sockaddr_rose); |
| } |
| |
| skb_free_datagram(sk, skb); |