Issue #12837: POSIX.1-2008 allows socklen_t to be a signed integer: re-enable
the check against negative values, and add a note on this surprising test.
Patch by David Watson.
diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
index f56e9af..79ccae8 100644
--- a/Modules/socketmodule.c
+++ b/Modules/socketmodule.c
@@ -1745,7 +1745,8 @@
     static const size_t cmsg_len_end = (offsetof(struct cmsghdr, cmsg_len) +
                                         sizeof(cmsgh->cmsg_len));
 
-    if (cmsgh == NULL || msg->msg_control == NULL)
+    /* Note that POSIX allows msg_controllen to be of signed type. */
+    if (cmsgh == NULL || msg->msg_control == NULL || msg->msg_controllen < 0)
         return 0;
     if (space < cmsg_len_end)
         space = cmsg_len_end;