Hide Forgot
Description of problem: Version-Release number of selected component (if applicable): glibc-2.17 _EXTERN_INLINE struct cmsghdr * __NTH (__cmsg_nxthdr (struct msghdr *__mhdr, struct cmsghdr *__cmsg)) { if ((size_t) __cmsg->cmsg_len < sizeof (struct cmsghdr)) /* The kernel header does this so there may be a reason. */ return (struct cmsghdr *) 0; __cmsg = (struct cmsghdr *) ((unsigned char *) __cmsg + CMSG_ALIGN (__cmsg->cmsg_len)); if ((unsigned char *) (__cmsg + 1) > ((unsigned char *) __mhdr->msg_control + __mhdr->msg_controllen) || ((unsigned char *) __cmsg + CMSG_ALIGN (__cmsg->cmsg_len) //__cmsg->cmsg_len is unitialized ****************************** > ((unsigned char *) __mhdr->msg_control + __mhdr->msg_controllen))) /* No more entries. */ return (struct cmsghdr *) 0; return __cmsg; } How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
*** This bug has been marked as a duplicate of bug 1402299 ***