From 13e340c886679fb17df02a35e7d82cb8beb6e9f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Fortier?= Date: Sun, 28 Mar 2021 14:01:35 -0400 Subject: linux-user: NETLINK_LIST_MEMBERSHIPS: Allow bad ptr if its length is 0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit getsockopt(fd, SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS, *optval, *optlen) syscall allows optval to be NULL/invalid if optlen points to a size of zero. This allows userspace to query the length of the array they should use to get the full membership list before allocating memory for said list, then re-calling getsockopt with proper optval/optlen arguments. Notable users of this pattern include systemd-networkd, which in the (albeit old) version 237 tested, cannot start without this fix. Signed-off-by: Frédéric Fortier Reviewed-by: Laurent Vivier Message-Id: <20210328180135.88449-1-frf@ghgsat.com> Signed-off-by: Laurent Vivier --- linux-user/syscall.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'linux-user') diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 294779c..95d79dd 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -3025,7 +3025,7 @@ get_timeout: return -TARGET_EINVAL; } results = lock_user(VERIFY_WRITE, optval_addr, len, 1); - if (!results) { + if (!results && len > 0) { return -TARGET_EFAULT; } lv = len; -- cgit v1.1