diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2008-03-19 20:08:48 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2008-03-19 20:08:48 +0000 |
commit | 96d8b4851a9e891ba3f6656dd7fca32032e9b629 (patch) | |
tree | 4f2a7d9b380dd6bcfe6df544f895d40dd6c24263 | |
parent | df7a78375fa788ce035f3f05a4e2e0ddf8e9cbe1 (diff) |
CMSG_LEN and CMSG_SPACE are not neccessarily the same size. So if you
are going to allocate/free a block of memory for the message contents,
you have to calculate and track the sizes seperately. This change is
just like all the other CMSG changes...
-rw-r--r-- | usr.sbin/bind/lib/isc/unix/socket.c | 42 |
1 files changed, 27 insertions, 15 deletions
diff --git a/usr.sbin/bind/lib/isc/unix/socket.c b/usr.sbin/bind/lib/isc/unix/socket.c index 5f6583dc5e4..74003115a47 100644 --- a/usr.sbin/bind/lib/isc/unix/socket.c +++ b/usr.sbin/bind/lib/isc/unix/socket.c @@ -190,8 +190,10 @@ struct isc_socket { #endif char *recvcmsgbuf; + ISC_SOCKADDR_LEN_T recvcmsgbufspace; ISC_SOCKADDR_LEN_T recvcmsgbuflen; char *sendcmsgbuf; + ISC_SOCKADDR_LEN_T sendcmsgbufspace; ISC_SOCKADDR_LEN_T sendcmsgbuflen; }; @@ -511,11 +513,14 @@ cmsg_space(ISC_SOCKADDR_LEN_T len) { * XXX: The buffer length is an ad-hoc value, but should be enough * in a practical sense. */ - char dummybuf[sizeof(struct cmsghdr) + 1024]; + union { + struct cmsghdr hdr; + char buf[cmsg_sizeof(struct cmsghdr) + 1024]; + }; memset(&msg, 0, sizeof(msg)); msg.msg_control = dummybuf; - msg.msg_controllen = sizeof(dummybuf); + msg.msg_controllen = cmsg_len(sizeof(cmsg_sizeof(struct cmsghdr) + 1024)); cmsgp = (struct cmsghdr *)dummybuf; cmsgp->cmsg_len = cmsg_len(len); @@ -721,7 +726,7 @@ build_msghdr_send(isc_socket_t *sock, isc_socketevent_t *dev, "sendto pktinfo data, ifindex %u", dev->pktinfo.ipi6_ifindex); - msg->msg_controllen = cmsg_space(sizeof(struct in6_pktinfo)); + msg->msg_controllen = cmsg_len(sizeof(struct in6_pktinfo)); INSIST(msg->msg_controllen <= sock->sendcmsgbuflen); msg->msg_control = (void *)sock->sendcmsgbuf; @@ -862,7 +867,7 @@ build_msghdr_recv(isc_socket_t *sock, isc_socketevent_t *dev, msg->msg_flags = 0; #if defined(USE_CMSG) if (sock->type == isc_sockettype_udp) { - msg->msg_control = sock->recvcmsgbuf; + msg->msg_control = sock->recvcmsgbuf; msg->msg_controllen = sock->recvcmsgbuflen; } #endif /* USE_CMSG */ @@ -1257,7 +1262,7 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, { isc_socket_t *sock; isc_result_t result; - ISC_SOCKADDR_LEN_T cmsgbuflen; + ISC_SOCKADDR_LEN_T cmsgbuflen, cmsgbufspace; sock = isc_mem_get(manager->mctx, sizeof(*sock)); @@ -1282,26 +1287,33 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, * set up cmsg buffers */ cmsgbuflen = 0; + cmsgbufspace = 0; #if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) - cmsgbuflen = cmsg_space(sizeof(struct in6_pktinfo)); + cmsgbuflen = cmsgbufspace + cmsg_len(sizeof(struct in6_pktinfo)); + cmsgbufspace += cmsg_space(sizeof(struct in6_pktinfo)); #endif #if defined(USE_CMSG) && defined(SO_TIMESTAMP) - cmsgbuflen += cmsg_space(sizeof(struct timeval)); + cmsgbuflen = cmsgbufspace + cmsg_len(sizeof(struct timeval)); + cmsgbufspace += cmsg_space(sizeof(struct timeval)); #endif sock->recvcmsgbuflen = cmsgbuflen; - if (sock->recvcmsgbuflen != 0U) { - sock->recvcmsgbuf = isc_mem_get(manager->mctx, cmsgbuflen); + sock->recvcmsgbufspace = cmsgbufspace; + if (sock->recvcmsgbufspace != 0U) { + sock->recvcmsgbuf = isc_mem_get(manager->mctx, cmsgbufspace); if (sock->recvcmsgbuf == NULL) goto error; } cmsgbuflen = 0; + cmsgbufspace = 0; #if defined(USE_CMSG) && defined(ISC_PLATFORM_HAVEIN6PKTINFO) - cmsgbuflen = cmsg_space(sizeof(struct in6_pktinfo)); + cmsgbuflen = cmsgbufspace + cmsg_len(sizeof(struct in6_pktinfo)); + cmsgbufspace += cmsg_space(sizeof(struct in6_pktinfo)); #endif sock->sendcmsgbuflen = cmsgbuflen; + sock->sendcmsgbufspace = cmsgbufspace; if (sock->sendcmsgbuflen != 0U) { - sock->sendcmsgbuf = isc_mem_get(manager->mctx, cmsgbuflen); + sock->sendcmsgbuf = isc_mem_get(manager->mctx, cmsgbufspace); if (sock->sendcmsgbuf == NULL) goto error; } @@ -1348,10 +1360,10 @@ allocate_socket(isc_socketmgr_t *manager, isc_sockettype_t type, error: if (sock->recvcmsgbuf != NULL) isc_mem_put(manager->mctx, sock->recvcmsgbuf, - sock->recvcmsgbuflen); + sock->recvcmsgbufspace); if (sock->sendcmsgbuf != NULL) isc_mem_put(manager->mctx, sock->sendcmsgbuf, - sock->sendcmsgbuflen); + sock->sendcmsgbufspace); isc_mem_put(manager->mctx, sock, sizeof(*sock)); return (result); @@ -1381,10 +1393,10 @@ free_socket(isc_socket_t **socketp) { if (sock->recvcmsgbuf != NULL) isc_mem_put(sock->manager->mctx, sock->recvcmsgbuf, - sock->recvcmsgbuflen); + sock->recvcmsgbufspace); if (sock->sendcmsgbuf != NULL) isc_mem_put(sock->manager->mctx, sock->sendcmsgbuf, - sock->sendcmsgbuflen); + sock->sendcmsgbufspace); sock->magic = 0; |