From 9732334b5df32e807a63263db2fb2d8dde69713f Mon Sep 17 00:00:00 2001
From: SPRESENSE <41312067+SPRESENSE@users.noreply.github.com>
Date: Fri, 30 Jul 2021 14:45:01 +0900
Subject: [PATCH] net/socket: Fix bug that sendto did not return an error

When `tolen` is not 0 and `to` is NULL, it causes illegal buffer access.
Add a parameter check in this condition.
---
 net/socket/sendto.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/net/socket/sendto.c b/net/socket/sendto.c
index f148b3d2d9..db99523618 100644
--- a/net/socket/sendto.c
+++ b/net/socket/sendto.c
@@ -110,6 +110,11 @@ ssize_t psock_sendto(FAR struct socket *psock, FAR const void *buf,
   struct iovec iov;
   struct msghdr msg;
 
+  if (tolen != 0 && to == NULL)
+    {
+      return -EINVAL;
+    }
+
   iov.iov_base = (FAR void *)buf;
   iov.iov_len = len;
   msg.msg_name = (FAR struct sockaddr *)to;