+29 -6

src/kernel/emulation/linux/network/recvmsg.c

reviewed

··· 30 30 lmsg.msg_control = msg->msg_control; 31 31 lmsg.msg_controllen = msg->msg_controllen; 32 32 } 33 33 - else if (msg->msg_control != NULL) 33 33 + else if (msg->msg_control != NULL && msg->msg_controllen > 0) 34 34 { 35 35 + // __simple_printf("controllen=%d\n", msg->msg_controllen); 35 36 lchdr = (struct linux_cmsghdr*) malloc(msg->msg_controllen + 4); 36 37 lmsg.msg_control = lchdr; 37 38 lmsg.msg_controllen = msg->msg_controllen + 4; 39 39 + } 40 40 + else 41 41 + { 42 42 + lmsg.msg_control = NULL; 43 43 + lmsg.msg_controllen = 0; 38 44 } 39 45 40 46 lmsg.msg_flags = 0; // set on return ··· 59 65 60 66 if (bchdr != NULL) 61 67 { 62 62 - bchdr->cmsg_len = lchdr->cmsg_len; 63 63 - bchdr->cmsg_level = lchdr->cmsg_level; 64 64 - bchdr->cmsg_type = lchdr->cmsg_type; 68 68 + if (sizeof(unsigned long) != 4) 69 69 + { 70 70 + if (lmsg.msg_controllen > 0) 71 71 + { 72 72 + bchdr->cmsg_len = lchdr->cmsg_len; 73 73 + bchdr->cmsg_level = lchdr->cmsg_level; 74 74 + bchdr->cmsg_type = lchdr->cmsg_type; 75 75 + 76 76 + // __simple_printf("Copy %p to %p, %d bytes (of %d)\n", lchdr->cmsg_data, bchdr->cmsg_data, lchdr->cmsg_len - sizeof(struct linux_cmsghdr), lchdr->cmsg_len); 77 77 + // __simple_printf("Hdr says controllen=%d\n", lmsg.msg_controllen); 65 78 66 66 - memcpy(bchdr->cmsg_data, lchdr->cmsg_data, 67 67 - lchdr->cmsg_len - offsetof(struct linux_cmsghdr, cmsg_data)); 79 79 + memcpy(bchdr->cmsg_data, lchdr->cmsg_data, 80 80 + lchdr->cmsg_len - sizeof(struct linux_cmsghdr)); 81 81 + msg->msg_controllen = lmsg.msg_controllen - 4; 82 82 + } 83 83 + else 84 84 + msg->msg_controllen = 0; 85 85 + } 86 86 + else 87 87 + { 88 88 + msg->msg_controllen = lmsg.msg_controllen; 89 89 + } 68 90 } 69 91 } 70 92 71 93 if (lchdr != NULL) 72 94 free(lchdr); 73 95 96 96 + // __simple_printf("Returning %d\n", ret); 74 97 return ret; 75 98 } 76 99

+8 -3

src/kernel/emulation/linux/network/sendmsg.c

reviewed

··· 30 30 lmsg.msg_control = msg->msg_control; 31 31 lmsg.msg_controllen = msg->msg_controllen; 32 32 } 33 33 - else if (msg->msg_control != NULL) 33 33 + else if (msg->msg_control != NULL && msg->msg_controllen > 0) 34 34 { 35 35 struct bsd_cmsghdr* bchdr; 36 36 ··· 45 45 lchdr->cmsg_type = bchdr->cmsg_type; 46 46 47 47 memcpy(lchdr->cmsg_data, bchdr->cmsg_data, 48 48 - lchdr->cmsg_len - offsetof(struct bsd_cmsghdr, cmsg_data)); 48 48 + lchdr->cmsg_len - sizeof(struct bsd_cmsghdr)); 49 49 + } 50 50 + else 51 51 + { 52 52 + lmsg.msg_control = NULL; 53 53 + lmsg.msg_controllen = 0; 49 54 } 50 55 51 56 lmsg.msg_flags = 0; // ignored ··· 56 61 ret = LINUX_SYSCALL(__NR_socketcall, LINUX_SYS_SENDMSG, 57 62 ((long[6]) { socket, &lmsg, linux_flags })); 58 63 #else 59 59 - ret = LINUX_SYSCALL(__NR_recvmsg, socket, &lmsg, linux_flags); 64 64 + ret = LINUX_SYSCALL(__NR_sendmsg, socket, &lmsg, linux_flags); 60 65 #endif 61 66 62 67 if (ret < 0)