This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
Alle lunedì 21 novembre 2011, Samuel Thibault ha scritto: > Pino Toscano, le Mon 21 Nov 2011 01:25:55 +0100, a écrit : > > attached there is a patch for glibc to check for negative indexes > > in _hurd_socket_server(). > > Thanks! Could you submit it to libc-alpha? (with roland@gnu.org > CC-ed) Updated patch, hopefully now valid for glibc... (apologies for who gets it twice) (I have already the copyright assignment for glibc done.) -- Pino Toscano
hurdsock: reject negative domains
Reject negative socket domains right away; otherwise, it is possible to read
and set out-of-bounds locations of the `servers' array (returning the values
at those invalid memory locations), and even try to deallocate ports with
random values if the `dead' parameter is different than zero.
2011-11-21 Pino Toscano <toscano.pino@tiscali.it>
* hurd/hurdsock.c (_hurd_socket_server): Check for negative domains,
and reject them.
--- a/hurd/hurdsock.c
+++ b/hurd/hurdsock.c
@@ -47,6 +47,12 @@ _hurd_socket_server (int domain, int dea
{
socket_t server;
+ if (domain < 0)
+ {
+ errno = EAFNOSUPPORT;
+ return MACH_PORT_NULL;
+ }
+
HURD_CRITICAL_BEGIN;
__mutex_lock (&lock);
Attachment:
signature.asc
Description: This is a digitally signed message part.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |