Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!pyrdc!gmu90x!dolqci!vrdxhq!umd5!mimsy!oddjob!hao!ames!ucbcad!ucbvax!OKEEFFE.BERKELEY.EDU!bostic
From: bostic@OKEEFFE.BERKELEY.EDU (Keith Bostic)
Newsgroups: comp.bugs.2bsd
Subject: V1.14 (soreceive() can exit without resetting spl level)
Message-ID: <8710310140.AA01768@okeeffe.Berkeley.EDU>
Date: Fri, 30-Oct-87 20:40:45 EST
Article-I.D.: okeeffe.8710310140.AA01768
Posted: Fri Oct 30 20:40:45 1987
Date-Received: Thu, 5-Nov-87 03:12:36 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Lines: 90

Subject: soreceive() can exit without resetting spl level
Index: sys/uipc_socket.c 2.10BSD

Description:
	The soreceive() routine fails to reset the spl level in
	two paths.
Repeat-By:
	By inspection.
Fix:
	Apply one of the following patches; the first one is the easy
	one, the second one makes the code a lot prettier.

*** uipc_socket.c.orig	Fri Oct 30 16:47:39 1987
--- uipc_socket.c	Fri Oct 30 16:48:50 1987
***************
*** 629,634 ****
--- 629,635 ----
  	}
  release:
  	sbunlock(&so->so_rcv);
+ 	splx(s);
  	restorseg5(save5);
  	return (error);
  }

*** uipc_socket.c.orig	Fri Oct 30 17:06:10 1987
--- uipc_socket.c	Fri Oct 30 17:07:40 1987
***************
*** 484,508 ****
  	sblock(&so->so_rcv);
  	s = splnet();
  
- #define	rcverr(errno)	{ error = errno; splx(s); goto release; }
  	if (so->so_rcv.sb_cc == 0) {
  		if (so->so_error) {
  			error = so->so_error;
  			so->so_error = 0;
- 			splx(s);
  			goto release;
  		}
! 		if (so->so_state & SS_CANTRCVMORE) {
! 			splx(s);
  			goto release;
- 		}
  		if ((so->so_state & SS_ISCONNECTED) == 0 &&
! 		    (so->so_proto->pr_flags & PR_CONNREQUIRED))
! 			rcverr(ENOTCONN);
  		if (u.u_count == 0)
  			goto release;
! 		if (so->so_state & SS_NBIO)
! 			rcverr(EWOULDBLOCK);
  		sbunlock(&so->so_rcv);
  		sbwait(&so->so_rcv);
  		splx(s);
--- 484,508 ----
  	sblock(&so->so_rcv);
  	s = splnet();
  
  	if (so->so_rcv.sb_cc == 0) {
  		if (so->so_error) {
  			error = so->so_error;
  			so->so_error = 0;
  			goto release;
  		}
! 		if (so->so_state & SS_CANTRCVMORE)
  			goto release;
  		if ((so->so_state & SS_ISCONNECTED) == 0 &&
! 		    (so->so_proto->pr_flags & PR_CONNREQUIRED)) {
! 			error = ENOTCONN;
! 			goto release;
! 		}
  		if (u.u_count == 0)
  			goto release;
! 		if (so->so_state & SS_NBIO) {
! 			error = EWOULDBLOCK;
! 			goto release;
! 		}
  		sbunlock(&so->so_rcv);
  		sbwait(&so->so_rcv);
  		splx(s);
***************
*** 629,634 ****
--- 629,635 ----
  	}
  release:
  	sbunlock(&so->so_rcv);
+ 	splx(s);
  	restorseg5(save5);
  	return (error);
  }