--- src/sys/kern/uipc_syscalls.c	2008/07/01 02:02:54	1.86
+++ src/sys/kern/uipc_syscalls.c	2008/07/07 14:35:12	1.87
@@ -1066,11 +1066,19 @@ sys_setsockopt(struct setsockopt_args *u
 
 	sopt.sopt_level = uap->level;
 	sopt.sopt_name = uap->name;
-	sopt.sopt_val = uap->val;
 	sopt.sopt_valsize = uap->valsize;
 	sopt.sopt_td = td;
 
+	sopt.sopt_val = kmalloc(sopt.sopt_valsize, M_TEMP, M_WAITOK);
+	error = copyin(uap->val, sopt.sopt_val, sopt.sopt_valsize);
+	if (error)
+		goto out;
 	error = kern_setsockopt(uap->s, &sopt);
+	if (error)
+		goto out;
+	error = copyout(sopt.sopt_val, uap->val, sopt.sopt_valsize);
+out:
+	kfree(sopt.sopt_val, M_TEMP);
 	return(error);
 }
 
@@ -1123,15 +1131,23 @@ sys_getsockopt(struct getsockopt_args *u
 
 	sopt.sopt_level = uap->level;
 	sopt.sopt_name = uap->name;
-	sopt.sopt_val = uap->val;
 	sopt.sopt_valsize = valsize;
 	sopt.sopt_td = td;
 
+	sopt.sopt_val = kmalloc(sopt.sopt_valsize, M_TEMP, M_WAITOK);
+	error = copyin(uap->val, sopt.sopt_val, sopt.sopt_valsize);
+	if (error)
+		goto out;
 	error = kern_getsockopt(uap->s, &sopt);
-	if (error == 0) {
-		valsize = sopt.sopt_valsize;
-		error = copyout(&valsize, uap->avalsize, sizeof(valsize));
-	}
+	if (error)
+		goto out;
+	valsize = sopt.sopt_valsize;
+	error = copyout(&valsize, uap->avalsize, sizeof(valsize));
+	if (error)
+		goto out;
+	error = copyout(sopt.sopt_val, uap->val, sopt.sopt_valsize);
+out:
+	kfree(sopt.sopt_val, M_TEMP);
 	return (error);
 }