[SPARC64]: Fix cmsg length checks in Solaris emulation layer.

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2005-06-21 15:39:22 -07:00
parent 1d345dac1f
commit 8005aba69a
1 changed files with 4 additions and 2 deletions

View File

@ -317,8 +317,10 @@ asmlinkage int solaris_sendmsg(int fd, struct sol_nmsghdr __user *user_msg, unsi
unsigned long *kcmsg;
compat_size_t cmlen;
if(kern_msg.msg_controllen > sizeof(ctl) &&
kern_msg.msg_controllen <= 256) {
if (kern_msg.msg_controllen <= sizeof(compat_size_t))
return -EINVAL;
if(kern_msg.msg_controllen > sizeof(ctl)) {
err = -ENOBUFS;
ctl_buf = kmalloc(kern_msg.msg_controllen, GFP_KERNEL);
if(!ctl_buf)