From: Frédéric Fortier <frf@ghgsat.com>
Date: Sun, 28 Mar 2021 18:01:35 +0000 (-0400)
Subject: linux-user: NETLINK_LIST_MEMBERSHIPS: Allow bad ptr if its length is 0
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=13e340c886679fb17df02a35e7d82cb8beb6e9f4;p=qemu.git

linux-user: NETLINK_LIST_MEMBERSHIPS: Allow bad ptr if its length is 0

getsockopt(fd, SOL_NETLINK, NETLINK_LIST_MEMBERSHIPS, *optval, *optlen)
syscall allows optval to be NULL/invalid if optlen points to a size of
zero. This allows userspace to query the length of the array they should
use to get the full membership list before allocating memory for said
list, then re-calling getsockopt with proper optval/optlen arguments.

Notable users of this pattern include systemd-networkd, which in the
(albeit old) version 237 tested, cannot start without this fix.

Signed-off-by: Frédéric Fortier <frf@ghgsat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20210328180135.88449-1-frf@ghgsat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 294779c86f..95d79ddc43 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3025,7 +3025,7 @@ get_timeout:
                 return -TARGET_EINVAL;
             }
             results = lock_user(VERIFY_WRITE, optval_addr, len, 1);
-            if (!results) {
+            if (!results && len > 0) {
                 return -TARGET_EFAULT;
             }
             lv = len;