This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Alle lunedì 21 novembre 2011, Samuel Thibault ha scritto: > Pino Toscano, le Mon 21 Nov 2011 01:25:55 +0100, a écrit : > > attached there is a patch for glibc to check for negative indexes > > in _hurd_socket_server(). > > Thanks! Could you submit it to libc-alpha? (with roland@gnu.org > CC-ed) Updated patch, hopefully now valid for glibc... (apologies for who gets it twice) (I have already the copyright assignment for glibc done.) -- Pino Toscano
hurdsock: reject negative domains Reject negative socket domains right away; otherwise, it is possible to read and set out-of-bounds locations of the `servers' array (returning the values at those invalid memory locations), and even try to deallocate ports with random values if the `dead' parameter is different than zero. 2011-11-21 Pino Toscano <toscano.pino@tiscali.it> * hurd/hurdsock.c (_hurd_socket_server): Check for negative domains, and reject them. --- a/hurd/hurdsock.c +++ b/hurd/hurdsock.c @@ -47,6 +47,12 @@ _hurd_socket_server (int domain, int dea { socket_t server; + if (domain < 0) + { + errno = EAFNOSUPPORT; + return MACH_PORT_NULL; + } + HURD_CRITICAL_BEGIN; __mutex_lock (&lock);
Attachment:
signature.asc
Description: This is a digitally signed message part.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |