From owner-freebsd-bugs Wed Aug 29 3:30: 8 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id ED12537B409 for ; Wed, 29 Aug 2001 03:30:00 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id f7TAU0T75198; Wed, 29 Aug 2001 03:30:00 -0700 (PDT) (envelope-from gnats) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id F22C037B405 for ; Wed, 29 Aug 2001 03:28:56 -0700 (PDT) (envelope-from nobody@FreeBSD.org) Received: (from nobody@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id f7TASur75103; Wed, 29 Aug 2001 03:28:56 -0700 (PDT) (envelope-from nobody) Message-Id: <200108291028.f7TASur75103@freefall.freebsd.org> Date: Wed, 29 Aug 2001 03:28:56 -0700 (PDT) From: John Morrow To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-1.0 Subject: misc/30186: getaddrinfo does not handle incorrect servname Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 30186 >Category: misc >Synopsis: getaddrinfo does not handle incorrect servname >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Aug 29 03:30:00 PDT 2001 >Closed-Date: >Last-Modified: >Originator: John Morrow >Release: 4.4-PRERELEASE >Organization: >Environment: FreeBSD dagobah.uk.inktomi.com 4.4-PRERELEASE FreeBSD 4.4-PRERELEASE #9: Mon Aug 6 12:29:02 BST 2001 jmorrow@dagobah.uk.inktomi.com:/usr/src/sys/compile/DAGOBAH i386 >Description: If I call getaddrinfo("127.0.0.1", "80", &hints, &res) as a non-root user and then bind using the returned socket address structure my program is bound to the wrong address and port. I would have expected a correctly filled out socket address structure and then a EACCESS from bind(2). $ ./a.out 127.0.0.1 80 & sockstat -l4 | grep a.out jmorrow a.out 30004 3 tcp4 *:1045 *:* $ ./a.out 127.0.0.1 8000 & sockstat -l4 | grep a.out jmorrow a.out 30009 3 tcp4 127.0.0.1:8000 *:* Also putting negative or high port numbers into this program never causes getaddrinfo to return an error. >How-To-Repeat: #include #include #include #include int main(int argc, char **argv) { struct addrinfo hints, *res; int error, sock; (void)memset(&hints, 0, sizeof(hints)); hints.ai_family = PF_UNSPEC; hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; hints.ai_socktype = SOCK_STREAM; error = getaddrinfo(argv[1], argv[2], &hints, &res); if ( error ) { (void)printf("%s: %s\n", argv[1], gai_strerror(error)); return 1; } sock = socket(res->ai_family, res->ai_socktype, res->ai_protocol); bind(sock, res->ai_addr, res->ai_addrlen); listen(sock, 5); sleep(60); freeaddrinfo(res); return 0; } >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message