Module Name: src Committed By: maxv Date: Mon Oct 14 16:27:04 UTC 2019
Modified Files: src/sys/kern: uipc_socket.c Log Message: Add a check before the memcpy. memcpy is defined to never take NULL as second argument, and the compiler is free to perform optimizations knowing that this argument is never NULL. In this particular case, it was harmless. But still good to fix. Reported-by: syzbot+6f504255accb795eb...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.284 -r1.285 src/sys/kern/uipc_socket.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/kern/uipc_socket.c diff -u src/sys/kern/uipc_socket.c:1.284 src/sys/kern/uipc_socket.c:1.285 --- src/sys/kern/uipc_socket.c:1.284 Fri Sep 27 00:32:03 2019 +++ src/sys/kern/uipc_socket.c Mon Oct 14 16:27:03 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: uipc_socket.c,v 1.284 2019/09/27 00:32:03 pgoyette Exp $ */ +/* $NetBSD: uipc_socket.c,v 1.285 2019/10/14 16:27:03 maxv Exp $ */ /* * Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc. @@ -71,7 +71,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.284 2019/09/27 00:32:03 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.285 2019/10/14 16:27:03 maxv Exp $"); #ifdef _KERNEL_OPT #include "opt_compat_netbsd.h" @@ -2096,7 +2096,9 @@ sockopt_set(struct sockopt *sopt, const } sopt->sopt_retsize = MIN(sopt->sopt_size, len); - memcpy(sopt->sopt_data, buf, sopt->sopt_retsize); + if (sopt->sopt_retsize > 0) { + memcpy(sopt->sopt_data, buf, sopt->sopt_retsize); + } return 0; }