linux-user: fd_trans_host_to_target_data() must process only received data
if we process the whole buffer, the netlink helpers can try to swap invalid data. Signed-off-by: Laurent Vivier <laurent@vivier.eu> Signed-off-by: Riku Voipio <riku.voipio@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
parent
84f34b00c8
commit
48dc0f2c3d
@ -2991,7 +2991,7 @@ static abi_long do_sendrecvmsg_locked(int fd, struct target_msghdr *msgp,
|
|||||||
len = ret;
|
len = ret;
|
||||||
if (fd_trans_host_to_target_data(fd)) {
|
if (fd_trans_host_to_target_data(fd)) {
|
||||||
ret = fd_trans_host_to_target_data(fd)(msg.msg_iov->iov_base,
|
ret = fd_trans_host_to_target_data(fd)(msg.msg_iov->iov_base,
|
||||||
msg.msg_iov->iov_len);
|
len);
|
||||||
} else {
|
} else {
|
||||||
ret = host_to_target_cmsg(msgp, &msg);
|
ret = host_to_target_cmsg(msgp, &msg);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user