From 7995cb86e54345cb2e3911bce4da00fbb68c2dce Mon Sep 17 00:00:00 2001
From: Ian Gudger <igudger@google.com>
Date: Fri, 22 Jul 2016 16:38:27 -0700
Subject: [PATCH] syscall: validate ParseUnixCredentials inputs

Don't panic, crash, or return references to uninitialized memory when
ParseUnixCredentials is passed invalid input.

Fixes #16475

Change-Id: I140d41612e8cd8caaa94be829a415159659c217b
Reviewed-on: https://go-review.googlesource.com/25154
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
---
 src/syscall/sockcmsg_linux.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/syscall/sockcmsg_linux.go b/src/syscall/sockcmsg_linux.go
index 5a56b25beb..4cb9075ba8 100644
--- a/src/syscall/sockcmsg_linux.go
+++ b/src/syscall/sockcmsg_linux.go
@@ -31,6 +31,9 @@ func ParseUnixCredentials(m *SocketControlMessage) (*Ucred, error) {
 	if m.Header.Type != SCM_CREDENTIALS {
 		return nil, EINVAL
 	}
+	if uintptr(len(m.Data)) < unsafe.Sizeof(Ucred{}) {
+		return nil, EINVAL
+	}
 	ucred := *(*Ucred)(unsafe.Pointer(&m.Data[0]))
 	return &ucred, nil
 }