aboutsummaryrefslogtreecommitdiffstats
path: root/net/tipc/socket.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/tipc/socket.c')
-rw-r--r--net/tipc/socket.c27
1 files changed, 22 insertions, 5 deletions
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 29d94d53198d..338837396642 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -535,6 +535,9 @@ static int send_msg(struct kiocb *iocb, struct socket *sock,
535 if (unlikely((m->msg_namelen < sizeof(*dest)) || 535 if (unlikely((m->msg_namelen < sizeof(*dest)) ||
536 (dest->family != AF_TIPC))) 536 (dest->family != AF_TIPC)))
537 return -EINVAL; 537 return -EINVAL;
538 if ((total_len > TIPC_MAX_USER_MSG_SIZE) ||
539 (m->msg_iovlen > (unsigned)INT_MAX))
540 return -EMSGSIZE;
538 541
539 if (iocb) 542 if (iocb)
540 lock_sock(sk); 543 lock_sock(sk);
@@ -573,12 +576,14 @@ static int send_msg(struct kiocb *iocb, struct socket *sock,
573 &dest->addr.name.name, 576 &dest->addr.name.name,
574 dest->addr.name.domain, 577 dest->addr.name.domain,
575 m->msg_iovlen, 578 m->msg_iovlen,
576 m->msg_iov); 579 m->msg_iov,
580 total_len);
577 } else if (dest->addrtype == TIPC_ADDR_ID) { 581 } else if (dest->addrtype == TIPC_ADDR_ID) {
578 res = tipc_send2port(tport->ref, 582 res = tipc_send2port(tport->ref,
579 &dest->addr.id, 583 &dest->addr.id,
580 m->msg_iovlen, 584 m->msg_iovlen,
581 m->msg_iov); 585 m->msg_iov,
586 total_len);
582 } else if (dest->addrtype == TIPC_ADDR_MCAST) { 587 } else if (dest->addrtype == TIPC_ADDR_MCAST) {
583 if (needs_conn) { 588 if (needs_conn) {
584 res = -EOPNOTSUPP; 589 res = -EOPNOTSUPP;
@@ -590,7 +595,8 @@ static int send_msg(struct kiocb *iocb, struct socket *sock,
590 res = tipc_multicast(tport->ref, 595 res = tipc_multicast(tport->ref,
591 &dest->addr.nameseq, 596 &dest->addr.nameseq,
592 m->msg_iovlen, 597 m->msg_iovlen,
593 m->msg_iov); 598 m->msg_iov,
599 total_len);
594 } 600 }
595 if (likely(res != -ELINKCONG)) { 601 if (likely(res != -ELINKCONG)) {
596 if (needs_conn && (res >= 0)) 602 if (needs_conn && (res >= 0))
@@ -640,6 +646,10 @@ static int send_packet(struct kiocb *iocb, struct socket *sock,
640 if (unlikely(dest)) 646 if (unlikely(dest))
641 return send_msg(iocb, sock, m, total_len); 647 return send_msg(iocb, sock, m, total_len);
642 648
649 if ((total_len > TIPC_MAX_USER_MSG_SIZE) ||
650 (m->msg_iovlen > (unsigned)INT_MAX))
651 return -EMSGSIZE;
652
643 if (iocb) 653 if (iocb)
644 lock_sock(sk); 654 lock_sock(sk);
645 655
@@ -652,7 +662,8 @@ static int send_packet(struct kiocb *iocb, struct socket *sock,
652 break; 662 break;
653 } 663 }
654 664
655 res = tipc_send(tport->ref, m->msg_iovlen, m->msg_iov); 665 res = tipc_send(tport->ref, m->msg_iovlen, m->msg_iov,
666 total_len);
656 if (likely(res != -ELINKCONG)) 667 if (likely(res != -ELINKCONG))
657 break; 668 break;
658 if (m->msg_flags & MSG_DONTWAIT) { 669 if (m->msg_flags & MSG_DONTWAIT) {
@@ -723,6 +734,12 @@ static int send_stream(struct kiocb *iocb, struct socket *sock,
723 goto exit; 734 goto exit;
724 } 735 }
725 736
737 if ((total_len > (unsigned)INT_MAX) ||
738 (m->msg_iovlen > (unsigned)INT_MAX)) {
739 res = -EMSGSIZE;
740 goto exit;
741 }
742
726 /* 743 /*
727 * Send each iovec entry using one or more messages 744 * Send each iovec entry using one or more messages
728 * 745 *
@@ -753,7 +770,7 @@ static int send_stream(struct kiocb *iocb, struct socket *sock,
753 bytes_to_send = curr_left; 770 bytes_to_send = curr_left;
754 my_iov.iov_base = curr_start; 771 my_iov.iov_base = curr_start;
755 my_iov.iov_len = bytes_to_send; 772 my_iov.iov_len = bytes_to_send;
756 res = send_packet(NULL, sock, &my_msg, 0); 773 res = send_packet(NULL, sock, &my_msg, bytes_to_send);
757 if (res < 0) { 774 if (res < 0) {
758 if (bytes_sent) 775 if (bytes_sent)
759 res = bytes_sent; 776 res = bytes_sent;
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-18 01:08:03 -0500