Subject: kern/11692: soreceive() ignores a failed uiomove()
To: None <gnats-bugs@gnats.netbsd.org>
From: None <aaro@iki.fi>
List: netbsd-bugs
Date: 12/11/2000 07:34:14
>Number: 11692
>Category: kern
>Synopsis: soreceive() ignores a failed uiomove()
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Dec 11 07:34:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Aaro Koskinen
>Release: 1.4.2
>Organization:
-
>Environment:
N/A
>Description:
In soreceive(), there is one uiomove() call whose return value gets
ignored:
[...]
if (mp == 0) {
splx(s);
error = uiomove(mtod(m, caddr_t) + moff, (int)len, uio);
s = splsoftnet();
} else
[...]
The same code e.g. in FreeBSD is:
[...]
if (mp == 0) {
splx(s);
error = uiomove(mtod(m, caddr_t) + moff, (int)len, uio);
s = splnet();
if (error)
goto release;
} else
[...]
>How-To-Repeat:
read() from a socket to a NULL pointer: the application blocks
in soreceive(), although EFAULT should be returned.
>Fix:
See above.
>Release-Note:
>Audit-Trail:
>Unformatted: