From: Julian Seward
Date: Sat, 27 Apr 2002 02:06:15 +0000 (+0000)
Subject: Use safe_dereference in IPCOP_msgrcv. (Tom Hughes)
X-Git-Tag: svn/VALGRIND_1_0_3~291
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f941ad21fdfee66b061762f3b79b7ff80ad63777;p=thirdparty%2Fvalgrind.git

Use safe_dereference in IPCOP_msgrcv. (Tom Hughes)

git-svn-id: svn://svn.valgrind.org/valgrind/trunk@160
---

diff --git a/vg_syscall_mem.c b/vg_syscall_mem.c
index 30bf897fb2..444f987e4f 100644
--- a/vg_syscall_mem.c
+++ b/vg_syscall_mem.c
@@ -1212,12 +1212,15 @@ void VG_(perform_assumed_nonblocking_syscall) ( ThreadId tid )
 }
 case 12: /* IPCOP_msgrcv */
 {
- struct msgbuf *msgp = ((struct ipc_kludge *)arg5)->msgp;
+ struct msgbuf *msgp;
 Int msgsz = arg3;
+
+ msgp = (struct msgbuf *)safe_dereference(
+ (Addr) (&((struct ipc_kludge *)arg5)->msgp), 0 );
 
- must_be_writable ( tst, "msgsnd(msgp->mtype)",
+ must_be_writable ( tst, "msgrcv(msgp->mtype)",
 (UInt)&msgp->mtype, sizeof(msgp->mtype) );
- must_be_writable ( tst, "msgsnd(msgp->mtext)",
+ must_be_writable ( tst, "msgrcv(msgp->mtext)",
 (UInt)msgp->mtext, msgsz );
 
 KERNEL_DO_SYSCALL(tid,res);
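Review bot: The `0` passed as the second argument of `safe_dereference` looks like the fallback value, so when the `struct ipc_kludge` at `arg5` is not addressable, `msgp` silently becomes null and both `must_be_writable` calls check addresses computed from a null pointer. The resulting report would then name `msgrcv(msgp->mtype)` rather than the bad `arg5`, which hides the actual client error. I would validate the kludge block before reading from it, e.g. `must_be_readable ( tst, "msgrcv(args)", arg5, sizeof(struct ipc_kludge) );` (assuming the file has a readable counterpart of `must_be_writable`), and add a comment such as `/* arg5 is client-supplied: msgp is fetched via safe_dereference and is 0 if arg5 is unreadable */`. Separately, `msgsz` is a signed `Int` copied straight from `arg3` and used as the length of the `mtext` check, so a negative value deserves an explicit guard or at least a comment. The enclosing function and its switch start and end outside this hunk.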