From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 16 Jul 2015 09:43:44 +0000 (+0200)
Subject: kernel-netlink: Actually verify if the netlink message exceeds the buffer size
X-Git-Tag: 5.3.3dr4~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a6896b61496448d4e27e47d3979ea0031ca4bf9d;p=thirdparty%2Fstrongswan.git

kernel-netlink: Actually verify if the netlink message exceeds the buffer size

It might equal it and that's fine. With MSG_TRUNC we get the actual
message size and can only report an error if we haven't received the
complete message.
---

diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_shared.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_shared.c
index b0e3103d32..238de82b30 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_shared.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_shared.c
@@ -185,8 +185,8 @@ static ssize_t read_msg(private_netlink_socket_t *this,
 			return -1;
 		}
 	}
-	len = recv(this->socket, buf, buflen, block ? 0 : MSG_DONTWAIT);
-	if (len == buflen)
+	len = recv(this->socket, buf, buflen, MSG_TRUNC|(block ? 0 : MSG_DONTWAIT));
+	if (len > buflen)
 	{
 		DBG1(DBG_KNL, "netlink response exceeds buffer size");
 		return 0;