getservbyport_r: fix out-of-bounds buffer read

[musl] / src / fcntl / fcntl.c

diff --git a/src/fcntl/fcntl.c b/src/fcntl/fcntl.c
index 4c34ba0..d3bff5c 100644 (file)
--- a/src/fcntl/fcntl.c
+++ b/src/fcntl/fcntl.c
@@ -3,21 +3,20 @@
 #include <stdarg.h>
 #include <errno.h>
 #include "syscall.h"
-#include "libc.h"
 
 int fcntl(int fd, int cmd, ...)
 {
-       long arg;
+       unsigned long arg;
        va_list ap;
        va_start(ap, cmd);
-       arg = va_arg(ap, long);
+       arg = va_arg(ap, unsigned long);
        va_end(ap);
        if (cmd == F_SETFL) arg |= O_LARGEFILE;
-       if (cmd == F_SETLKW) return syscall_cp(SYS_fcntl, fd, cmd, arg);
+       if (cmd == F_SETLKW) return syscall_cp(SYS_fcntl, fd, cmd, (void *)arg);
        if (cmd == F_GETOWN) {
                struct f_owner_ex ex;
                int ret = __syscall(SYS_fcntl, fd, F_GETOWN_EX, &ex);
-               if (ret == -EINVAL) return __syscall(SYS_fcntl, fd, cmd, arg);
+               if (ret == -EINVAL) return __syscall(SYS_fcntl, fd, cmd, (void *)arg);
                if (ret) return __syscall_ret(ret);
                return ex.type == F_OWNER_PGRP ? -ex.pid : ex.pid;
        }
@@ -37,5 +36,13 @@ int fcntl(int fd, int cmd, ...)
                if (ret >= 0) __syscall(SYS_fcntl, ret, F_SETFD, FD_CLOEXEC);
                return __syscall_ret(ret);
        }
-       return syscall(SYS_fcntl, fd, cmd, arg);
+       switch (cmd) {
+       case F_SETLK:
+       case F_GETLK:
+       case F_GETOWN_EX:
+       case F_SETOWN_EX:
+               return syscall(SYS_fcntl, fd, cmd, (void *)arg);
+       default:
+               return syscall(SYS_fcntl, fd, cmd, arg);
+       }
 }