ipv6: Fix the return value of Set Hop-by-Hop options header with NULL data pointer
Yang Hongyang [Mon, 4 Aug 2008 01:16:15 +0000 (18:16 -0700)]
When Set Hop-by-Hop options header with NULL data
pointer and optlen is not zero use setsockopt(),
the kernel successfully return 0 instead of
return error EINVAL or EFAULT.

This patch fix the problem.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/ipv6/ipv6_sockglue.c

index ea33b26..741cfcd 100644 (file)
@@ -346,6 +346,8 @@ static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
                 */
                if (optlen == 0)
                        optval = NULL;
+               else if (optval == NULL)
+                       goto e_inval;
                else if (optlen < sizeof(struct ipv6_opt_hdr) ||
                         optlen & 0x7 || optlen > 8 * 255)
                        goto e_inval;