Commit 8c37b107 authored by Darek Stojaczyk's avatar Darek Stojaczyk Committed by Tomasz Zawadzki
Browse files

sock/posix: fix potential segfault in zero-copy 



CMSG_FIRSTHDR could theoretically return NULL. Check it for the
peace of mind.

CMSG_FIRSTHDR() returns a pointer to the first cmsghdr in the
          ancillary data buffer associated with the passed msghdr.
          It returns NULL if there isn't enough space for a cmsghdr
          in the buffer.

Change-Id: I6c7e1eb59121b59c568d3ad7f5eda649a49026f4
Signed-off-by: default avatarDarek Stojaczyk <dariusz.stojaczyk@intel.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/771


Reviewed-by: default avatarPaul Luse <paul.e.luse@intel.com>
Reviewed-by: default avatarShuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Reviewed-by: default avatarTomasz Zawadzki <tomasz.zawadzki@intel.com>
Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
parent 71efe5db

module/sock/posix/posix.c

+1 −1
Original line number Diff line number Diff line
@@ -495,7 +495,7 @@ _sock_check_zcopy(struct spdk_sock *sock) 
		}



		cm = CMSG_FIRSTHDR(&msgh);

		if (cm->cmsg_level != SOL_IP || cm->cmsg_type != IP_RECVERR) {

		if (!cm || cm->cmsg_level != SOL_IP || cm->cmsg_type != IP_RECVERR) {

			SPDK_WARNLOG("Unexpected cmsg level or type!\n");

			return 0;

		}