On 20/06/2016 at 16:50, Peter Maydell wrote:
> The third argument to the rt_sigqueueinfo syscall is a pointer to
> a siginfo_t, not a pointer to a sigset_t. Fix the error in the
> arguments to lock_user(), which meant that we would not have
> detected some faults that we should.
>
> Signed-off-by: Peter Maydell <[email protected]>
Reviewed-by: Laurent Vivier <[email protected]> > --- > linux-user/syscall.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/linux-user/syscall.c b/linux-user/syscall.c > index 7b3d129..8065284 100644 > --- a/linux-user/syscall.c > +++ b/linux-user/syscall.c > @@ -7909,8 +7909,11 @@ abi_long do_syscall(void *cpu_env, int num, abi_long > arg1, > case TARGET_NR_rt_sigqueueinfo: > { > siginfo_t uinfo; > - if (!(p = lock_user(VERIFY_READ, arg3, sizeof(target_sigset_t), > 1))) > + > + p = lock_user(VERIFY_READ, arg3, sizeof(target_siginfo_t), 1); > + if (!p) { > goto efault; > + } > target_to_host_siginfo(&uinfo, p); > unlock_user(p, arg1, 0); > ret = get_errno(sys_rt_sigqueueinfo(arg1, arg2, &uinfo)); >
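Review bot: In the unchanged context just after the new lock_user() call, `unlock_user(p, arg1, 0);` passes arg1 as the guest address, although the buffer was locked at arg3; arg1 is the first argument handed to sys_rt_sigqueueinfo(), not the siginfo pointer. Since this change already corrects the lock_user() arguments for this case, consider making the unlock `unlock_user(p, arg3, 0);` as well, so the lock/unlock pair names the same guest address.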
