Date: Wed, 29 Mar 2017 21:26:14 +0000 (UTC) From: Conrad Meyer <cem@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r316179 - head/contrib/netbsd-tests/lib/libc/sys Message-ID: <201703292126.v2TLQEhP087162@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: cem Date: Wed Mar 29 21:26:13 2017 New Revision: 316179 URL: https://svnweb.freebsd.org/changeset/base/316179 Log: t_msgsnd: Use msgsnd()'s msgsz argument correctly to avoid overflow msgsnd's msgsz argument is the size of the message following the 'long' message type. Don't include the message type in the size of the message when invoking msgsnd(2). Reported by: Coverity CID: 1368712 Sponsored by: Dell EMC Isilon Modified: head/contrib/netbsd-tests/lib/libc/sys/t_msgsnd.c Modified: head/contrib/netbsd-tests/lib/libc/sys/t_msgsnd.c ============================================================================== --- head/contrib/netbsd-tests/lib/libc/sys/t_msgsnd.c Wed Mar 29 21:04:39 2017 (r316178) +++ head/contrib/netbsd-tests/lib/libc/sys/t_msgsnd.c Wed Mar 29 21:26:13 2017 (r316179) @@ -234,7 +234,7 @@ ATF_TC_BODY(msgsnd_nonblock, tc) for (;;) { errno = 0; - rv = msgsnd(id, &msg, sizeof(struct msg), IPC_NOWAIT); + rv = msgsnd(id, &msg, sizeof(msg.buf), IPC_NOWAIT); if (rv == -1 && errno == EAGAIN) _exit(EXIT_SUCCESS);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201703292126.v2TLQEhP087162>