Mike Gran wrote 7 days ago
(address . bug-guile@gnu.org)

struct timeval is a potential return value of struct getsockopt, but,
when HAVE_STRUCT_LINGER is not defined, scm_t_getsockopt_result may
be too small to hold a struct timeval.

To fix this, struct timeval can be added to the scm_t_getsockopt_result
union.

Regards,
Mike Gran

From 0ebd33ee05ad02aa9b96d9910c5facb087278d00 Mon Sep 17 00:00:00 2001
From: Michael Gran <spk121@yahoo.com>
Date: Sat, 8 Mar 2025 18:42:35 -0800
Subject: [PATCH] Fixes potential buffer overflow in getsockopt
struct timeval is a possible return value of getsockopt, but,
when HAVE_STRUCT_LINGER is not defined, scm_t_getsockopt_result
may be too small to hold a struct timeval.
* libguile/socket.c: add struct timeval to scm_t_getsockopt union
---
libguile/socket.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libguile/socket.c b/libguile/socket.c
index 101afd80d..aa012c919 100644
--- a/libguile/socket.c
+++ b/libguile/socket.c
@@ -1,4 +1,4 @@
-/* Copyright 1996-1998,2000-2007,2009,2011-2015,2018,2021,2022
+/* Copyright 1996-1998,2000-2007,2009,2011-2015,2018,2021,2022,2025
Free Software Foundation, Inc.
This file is part of Guile.
@@ -454,6 +454,7 @@ typedef union
#endif
size_t size;
int integer;
+ struct timeval timeval;
} scm_t_getsockopt_result;
SCM_DEFINE (scm_getsockopt, "getsockopt", 3, 0, 0,
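Review bot: The added member "struct timeval timeval;" sits after the #endif, so it is compiled unconditionally, and nothing in this hunk adds an include for the header that declares struct timeval; please confirm socket.c already pulls it in on every platform it builds for. A one-line comment on the member naming which socket options return a timeval would document why it is in the union. The visible lines also do not show how the length passed to getsockopt is set, so it is worth checking that it is the size of this union, which makes an oversized result get truncated instead of written past the buffer.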
--
2.48.1
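
The size mismatch described in the report, as an added example that is not Guile's code or part of the patch. The two unions are constructed stand-ins for the result union without and with the struct timeval member, and SO_RCVTIMEO is assumed here as an option whose value is a struct timeval.

```c
/* Added example: stand-in types, not the definitions in libguile/socket.c. */
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>

/* Stand-in for the result union when it has no struct linger member. */
typedef union { size_t size; int integer; } result_without_timeval;

/* The same union with the member the patch adds. */
typedef union {
  size_t size;
  int integer;
  struct timeval timeval;
} result_with_timeval;

/* Compile-time guard: the widened union must be able to hold a timeval. */
_Static_assert (sizeof (result_with_timeval) >= sizeof (struct timeval),
                "result union too small for struct timeval");

/* Return 1 if a buffer of buf_size bytes can hold a struct timeval. */
int fits_timeval (size_t buf_size)
{
  return buf_size >= sizeof (struct timeval);
}

/* Read SO_RCVTIMEO into the widened union.  len is initialised to the size
   of the buffer actually passed, so getsockopt writes at most that many
   bytes.  Returns 0 and fills *out on success, -1 on failure. */
int read_rcvtimeo (int fd, struct timeval *out)
{
  result_with_timeval opt;
  socklen_t len = sizeof (opt);

  memset (&opt, 0, sizeof (opt));
  if (getsockopt (fd, SOL_SOCKET, SO_RCVTIMEO, &opt, &len) != 0)
    return -1;
  if (len != sizeof (struct timeval))   /* not the result type we expect */
    return -1;
  *out = opt.timeval;
  return 0;
}
```

Calling fits_timeval (sizeof (result_without_timeval)) shows whether the smaller stand-in would be large enough on a given platform.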