[PATCH 1/2] ws2_32: Validate pointers in select().
Torge Matthies
openglfreak at googlemail.com
Sun Oct 17 13:55:54 CDT 2021
The documentation says that SOCKET_ERROR is returned and the error is
set to WSAEFAULT if any of the input pointers point to unmapped memory.
Signed-off-by: Torge Matthies <openglfreak at googlemail.com>
---
dlls/ws2_32/socket.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/dlls/ws2_32/socket.c b/dlls/ws2_32/socket.c
index b3dab22ae6e..1238f34aa1c 100644
--- a/dlls/ws2_32/socket.c
+++ b/dlls/ws2_32/socket.c
@@ -2384,6 +2384,15 @@ int WINAPI select( int count, fd_set *read_ptr, fd_set *write_ptr,
TRACE( "read %p, write %p, except %p, timeout %p\n", read_ptr, write_ptr, except_ptr, timeout );
+ if ((read_ptr && IsBadWritePtr(read_ptr, sizeof(*read_ptr)))
+ || (write_ptr && IsBadWritePtr(write_ptr, sizeof(*write_ptr)))
+ || (except_ptr && IsBadWritePtr(except_ptr, sizeof(*except_ptr)))
+ || (timeout && IsBadReadPtr(timeout, sizeof(*timeout))))
+ {
+ SetLastError( WSAEFAULT );
+ return -1;
+ }
+
FD_ZERO( &read );
FD_ZERO( &write );
FD_ZERO( &except );
--
2.33.1
More information about the wine-devel
mailing list