syscalls/sendmsg.c

   1 /*
   2  * SYSCALL_DEFINE3(sendmsg, int, fd, struct msghdr __user *, msg, unsigned, flags)
   3  */
   4
   5 #include <stdlib.h>
   6 #include <sys/types.h>
   7 #include <sys/socket.h>
   8 #include "compat.h"
   9 #include "random.h"
  10 #include "sanitise.h"
  11 #include "maps.h"
  12 #include "shm.h"
  13
  14 static void sanitise_sendmsg(int childno)
  15 {
  16         struct msghdr *msg;
  17         struct sockaddr *sa = NULL;
  18         socklen_t salen;
  19
  20         msg = malloc(sizeof(struct msghdr));
  21         shm->scratch[childno] = (unsigned long) msg;
  22
  23         if (msg == NULL) {
  24                 // just do something weird.
  25                 shm->a2[childno] = (unsigned long) get_address();
  26                 return;
  27         }
  28
  29         generate_sockaddr((struct sockaddr **) &sa, (socklen_t *) &salen, rand() % TRINITY_PF_MAX);
  30
  31         msg->msg_name = sa;
  32         msg->msg_namelen = salen;
  33
  34         msg->msg_iov = get_address();
  35         msg->msg_iovlen = get_len();
  36         msg->msg_control = get_address();
  37         msg->msg_controllen = get_len();
  38         msg->msg_flags = rand32();
  39
  40         shm->a2[childno] = (unsigned long) msg;
  41 }
  42
  43 static void post_sendmsg(int childno)
  44 {
  45         struct msghdr *msg;
  46         void *ptr = (void *) shm->scratch[childno];
  47
  48         if (ptr != NULL) {
  49                 msg = (struct msghdr *) ptr;
  50
  51                 if (msg->msg_name != page_rand) // FIXME: What about other kinds of pages ?
  52                         free(msg->msg_name);    // free sockaddr
  53
  54                 free(ptr);
  55         }
  56
  57         shm->scratch[childno] = 0;
  58 }
  59
  60 struct syscallentry syscall_sendmsg = {
  61         .name = "sendmsg",
  62         .num_args = 3,
  63         .arg1name = "fd",
  64         .arg1type = ARG_FD,
  65         .arg2name = "msg",
  66         .arg3name = "flags",
  67         .arg3type = ARG_LIST,
  68         .arg3list = {
  69                 .num = 20,
  70                 .values = { MSG_OOB, MSG_PEEK, MSG_DONTROUTE, MSG_CTRUNC,
  71                                 MSG_TRUNC, MSG_DONTWAIT, MSG_EOR,
  72                                 MSG_WAITALL, MSG_FIN, MSG_SYN, MSG_CONFIRM,
  73                                 MSG_RST, MSG_ERRQUEUE, MSG_NOSIGNAL, MSG_MORE,
  74                                 MSG_WAITFORONE, MSG_CMSG_CLOEXEC, MSG_FASTOPEN, MSG_CMSG_COMPAT },
  75         },
  76         .sanitise = sanitise_sendmsg,
  77         .post = post_sendmsg,
  78         .flags = NEED_ALARM,
  79 };