From 407c4b9a19fc59dfea131c08b3075108ecfab8a3 Mon Sep 17 00:00:00 2001
From: Ulrich Drepper <drepper@redhat.com>
Date: Mon, 13 Sep 2004 06:07:02 +0000
Subject: UPdate.

	* nscd/nscd_helper.c (get_mapping): Correctly check cmsg length.
	Avoid file descriptor leak in case of size mismatch.
---
 nscd/nscd_helper.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'nscd/nscd_helper.c')

diff --git a/nscd/nscd_helper.c b/nscd/nscd_helper.c
index 74983b9762..ff27b0797e 100644
--- a/nscd/nscd_helper.c
+++ b/nscd/nscd_helper.c
@@ -138,10 +138,12 @@ get_mapping (request_type type, const char *key,
     /* Failure or timeout.  */
     goto out_close2;
 
-  if (TEMP_FAILURE_RETRY (__recvmsg (sock, &msg, 0)) != keylen
-      || msg.msg_controllen != CMSG_LEN (sizeof (int)))
+  if (TEMP_FAILURE_RETRY (__recvmsg (sock, &msg, 0)) != keylen)
     goto out_close2;
 
+  if (CMSG_FIRSTHDR (&msg)->cmsg_len != CMSG_LEN (sizeof (int)))
+    goto out_close;
+
   mapfd = *(int *) CMSG_DATA (cmsg);
 
   struct stat64 st;
-- 
cgit v1.2.3