linux: Check for null value msghdr struct before use

This avoids crashes in libc when cmsg is null and refrencing msg
structure when it is null

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>

2 files changed, 4 insertions, 2 deletions

diff --git a/sysdeps/unix/sysv/linux/convert_scm_timestamps.c b/sysdeps/unix/sysv/linux/convert_scm_timestamps.c
index d75a461..5af7184 100644
--- a/sysdeps/unix/sysv/linux/convert_scm_timestamps.c
+++ b/sysdeps/unix/sysv/linux/convert_scm_timestamps.c
@@ -87,6 +87,8 @@ __convert_scm_timestamps (struct msghdr *msg, socklen_t msgsize)
 
   msg->msg_controllen += CMSG_SPACE (sizeof tvts);
   cmsg = CMSG_NXTHDR(msg, last);
+  if (cmsg == NULL)
+    return;
   cmsg->cmsg_level = SOL_SOCKET;
   cmsg->cmsg_type = type;
   cmsg->cmsg_len = CMSG_LEN (sizeof tvts);
diff --git a/sysdeps/unix/sysv/linux/recvmsg.c b/sysdeps/unix/sysv/linux/recvmsg.c
index a2a6002..57c3cf7 100644
--- a/sysdeps/unix/sysv/linux/recvmsg.c
+++ b/sysdeps/unix/sysv/linux/recvmsg.c
@@ -25,7 +25,7 @@ __libc_recvmsg (int fd, struct msghdr *msg, int flags)
 {
   ssize_t r;
 #ifndef __ASSUME_TIME64_SYSCALLS
-  socklen_t orig_controllen = msg->msg_controllen;
+  socklen_t orig_controllen = msg != NULL ? msg->msg_controllen : 0;
 #endif
 
 #ifdef __ASSUME_RECVMSG_SYSCALL
@@ -35,7 +35,7 @@ __libc_recvmsg (int fd, struct msghdr *msg, int flags)
 #endif
 
 #ifndef __ASSUME_TIME64_SYSCALLS
-  if (r >= 0)
+  if (r >= 0 && orig_controllen != 0)
     __convert_scm_timestamps (msg, orig_controllen);
 #endif