net: compat_sys_recvmmsg user timespec arg can be NULL
Jean-Mickael Guerin [Tue, 1 Dec 2009 07:52:16 +0000 (07:52 +0000)]
We must test if user timespec is non-NULL before copying from userpace,
same as sys_recvmmsg().

Commiter note: changed it so that we have just one branch.

Signed-off-by: Jean-Mickael Guerin <jean-mickael.guerin@6wind.com>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/compat.c

index 6a2f75f..e1a56ad 100644 (file)
@@ -758,9 +758,13 @@ asmlinkage long compat_sys_recvmmsg(int fd, struct compat_mmsghdr __user *mmsg,
 {
        int datagrams;
        struct timespec ktspec;
-       struct compat_timespec __user *utspec =
-                       (struct compat_timespec __user *)timeout;
+       struct compat_timespec __user *utspec;
 
+       if (timeout == NULL)
+               return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
+                                     flags | MSG_CMSG_COMPAT, NULL);
+
+       utspec = (struct compat_timespec __user *)timeout;
        if (get_user(ktspec.tv_sec, &utspec->tv_sec) ||
            get_user(ktspec.tv_nsec, &utspec->tv_nsec))
                return -EFAULT;