RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-06-29 03:42:07 +00:00
Code Issues Activity Actions

IPv4: Truncate raw socket reads past buffer length

Browse source 
In addition to being the proper POSIX etiquette, it seems like a bad idea
for issues like the one seen in #3428 to result in a kernel crash. This patch
replaces the current behavior of failing on insufficient buffer size to truncating
SOCK_RAW messages to the buffer size. This will have to change if/when MSG_PEEK
is implemented, but for now this behavior is more compliant and logical than
just bailing.
This commit is contained in:
Avery 2020-09-09 22:12:50 -06:00 committed by Andreas Kling
parent 61060c0da8
commit 06218a4074
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Kernel/Net/IPv4Socket.cpp
View file

@ -338,9 +338,9 @@ KResultOr<size_t> IPv4Socket::receive_packet_buffered(FileDescription& descripti
} }
if (type() == SOCK_RAW) { if (type() == SOCK_RAW) {
ASSERT(buffer_length >= ipv4_packet.payload_size()); size_t bytes_written = min((size_t) ipv4_packet.payload_size(), buffer_length);
memcpy(buffer, ipv4_packet.payload(), ipv4_packet.payload_size()); memcpy(buffer, ipv4_packet.payload(), bytes_written);
return ipv4_packet.payload_size(); return bytes_written;
} }
return protocol_receive(packet.data.value(), buffer, buffer_length, flags); return protocol_receive(packet.data.value(), buffer, buffer_length, flags);