(root)/
glibc-2.38/
sysdeps/
unix/
sysv/
linux/
cmsg_nxthdr.c
       1  /* Return point to next ancillary data entry in message header.
       2     Copyright (C) 1997-2023 Free Software Foundation, Inc.
       3     This file is part of the GNU C Library.
       4  
       5     The GNU C Library is free software; you can redistribute it and/or
       6     modify it under the terms of the GNU Lesser General Public
       7     License as published by the Free Software Foundation; either
       8     version 2.1 of the License, or (at your option) any later version.
       9  
      10     The GNU C Library is distributed in the hope that it will be useful,
      11     but WITHOUT ANY WARRANTY; without even the implied warranty of
      12     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      13     Lesser General Public License for more details.
      14  
      15     You should have received a copy of the GNU Lesser General Public
      16     License along with the GNU C Library; if not, see
      17     <https://www.gnu.org/licenses/>.  */
      18  
      19  #include <stddef.h>
      20  #include <sys/socket.h>
      21  
      22  
      23  struct cmsghdr *
      24  __cmsg_nxthdr (struct msghdr *mhdr, struct cmsghdr *cmsg)
      25  {
      26    /* We may safely assume that cmsg lies between mhdr->msg_control and
      27       mhdr->msg_controllen because the user is required to obtain the first
      28       cmsg via CMSG_FIRSTHDR, set its length, then obtain subsequent cmsgs
      29       via CMSG_NXTHDR, setting lengths along the way.  However, we don't yet
      30       trust the value of cmsg->cmsg_len and therefore do not use it in any
      31       pointer arithmetic until we check its value.  */
      32  
      33    unsigned char * msg_control_ptr = (unsigned char *) mhdr->msg_control;
      34    unsigned char * cmsg_ptr = (unsigned char *) cmsg;
      35  
      36    size_t size_needed = sizeof (struct cmsghdr)
      37                         + __CMSG_PADDING (cmsg->cmsg_len);
      38  
      39    /* The current header is malformed, too small to be a full header.  */
      40    if ((size_t) cmsg->cmsg_len < sizeof (struct cmsghdr))
      41      return (struct cmsghdr *) 0;
      42  
      43    /* There isn't enough space between cmsg and the end of the buffer to
      44    hold the current cmsg *and* the next one.  */
      45    if (((size_t)
      46           (msg_control_ptr + mhdr->msg_controllen - cmsg_ptr)
      47         < size_needed)
      48        || ((size_t)
      49              (msg_control_ptr + mhdr->msg_controllen - cmsg_ptr
      50               - size_needed)
      51            < cmsg->cmsg_len))
      52  
      53      return (struct cmsghdr *) 0;
      54  
      55    /* Now, we trust cmsg_len and can use it to find the next header.  */
      56    cmsg = (struct cmsghdr *) ((unsigned char *) cmsg
      57  			     + CMSG_ALIGN (cmsg->cmsg_len));
      58    return cmsg;
      59  }
      60  libc_hidden_def (__cmsg_nxthdr)