Mathieu Desnoyers wrote: > - if (used_address && used_address->name_len == msg_sys->msg_namelen && > - !memcmp(&used_address->name, msg->msg_name, > + if (used_address && msg_sys->msg_name && > + used_address->name_len == msg_sys->msg_namelen && > + !memcmp(&used_address->name, msg_sys->msg_name,
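Review bot: The new `msg_sys->msg_name &&` test in the condition carries no comment saying when msg_name can be NULL while used_address is set. A short comment above the `if` naming that case (the note quoted later in this message points at verify_compat_iovec() and verify_iovec()) would keep a later cleanup from dropping the test as redundant. The quoted lines end before memcmp()'s length argument, so confirm the length is used_address->name_len, the value the condition has just matched against msg_sys->msg_namelen.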
My mistake. I thought I had typed msg_sys->msg_name. Thank you for catching this.

> Note that msg_sys can be set to NULL by verify_compat_iovec()
> or verify_iovec(), which requires additional NULL pointer checks.

You meant msg_sys->msg_name can be set to NULL, didn't you?
I think msg_sys->msg_name != NULL if msg_sys->msg_namelen != 0.
Therefore, I think memcpy()/memcmp() are safe without NULL pointer checks.