author Rahat Mahmood <rahat@google.com> 2021-09-14 16:47:05 -0700
committer gVisor bot <gvisor-bot@google.com> 2021-09-14 16:53:30 -0700
commit d6c99694bcb9a5e4ce50ff48d648ba6ada0b9687
tree c672e6d062a4e904368a8a8285c528e1b61046d6 /pkg/sentry/syscalls
parent 8d14edb14b6b757f049faf760c72d58616903d7a
Fix race on msgrcv(MSG_COPY).

Previously, we weren't making a copy when a sysv message queue was receiving a message with the MSG_COPY flag. This flag indicates the message being received should be left in the queue and a copy of the message should be returned to userspace. Without the copy, a racing process can modify the original message while it's being marshalled to user memory.

Reported-by: syzbot+cb15e644698b20ff4e17@syzkaller.appspotmail.com
PiperOrigin-RevId: 396712856
Diffstat (limited to 'pkg/sentry/syscalls')
0 files changed, 0 insertions, 0 deletions
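
The aliasing problem the commit message describes, as an added Go sketch that is not gVisor's code: `Message`, `Queue`, `Peek`, `Overwrite` and `Demo` are hypothetical names, and the concurrent writer is simulated sequentially so the outcome is deterministic.

```go
package main

import "sync"

// Message and Queue are hypothetical stand-ins, not gVisor's types.
type Message struct {
	Type int64
	Text []byte
}

type Queue struct {
	mu   sync.Mutex
	msgs []*Message
}

// Peek returns message i without dequeuing it (the MSG_COPY case).
// copyMsg=false hands out the queued object itself, which the caller keeps
// using after the lock is dropped; copyMsg=true deep-copies under the lock.
func (q *Queue) Peek(i int, copyMsg bool) *Message {
	q.mu.Lock()
	defer q.mu.Unlock()
	if i < 0 || i >= len(q.msgs) {
		return nil
	}
	m := q.msgs[i]
	if !copyMsg {
		return m
	}
	return &Message{Type: m.Type, Text: append([]byte(nil), m.Text...)}
}

// Overwrite stands in for any other task that edits a queued message in place.
func (q *Queue) Overwrite(i int, text string) {
	q.mu.Lock()
	defer q.mu.Unlock()
	copy(q.msgs[i].Text, text)
}

// Demo returns what each receiver would marshal to user memory after the edit.
func Demo() (aliased, copied string) {
	q := &Queue{msgs: []*Message{{Type: 1, Text: []byte("original")}}}
	a, c := q.Peek(0, false), q.Peek(0, true)
	q.Overwrite(0, "changed!") // happens after both receivers released the lock
	return string(a.Text), string(c.Text)
}

func main() {
	a, c := Demo()
	println("aliased:", a, "copied:", c)
}
```

The queue lock alone does not protect the aliased receiver, because marshalling happens after `Peek` returns; only the deep copy gives it a stable snapshot.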