Date: Thu, 03 Jul 2014 22:01:39 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-standards@FreeBSD.org
Subject: [Bug 191586] FreeBSD doesn't validate negative edgecases in bind(2)/connect(2)/listen(2) like POSIX requires
Message-ID: <bug-191586-15-u4EBn7lRS4@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-191586-15@https.bugs.freebsd.org/bugzilla/>
References: <bug-191586-15@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191586

Terry Lambert <lambert.tr@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |lambert.tr@gmail.com

--- Comment #2 from Terry Lambert <lambert.tr@gmail.com> ---
Some valid statements, some invalid. You would have to configure the VSX4 tests correctly to expect the results that you'd get, but some of these are optional to implement, while still being conformant.

For the interfaces in question, the relevant documents are:

http://pubs.opengroup.org/onlinepubs/009695399/functions/bind.html
http://pubs.opengroup.org/onlinepubs/009695399/functions/connect.html
http://pubs.opengroup.org/onlinepubs/009695399/functions/listen.html

Comments are by API:

bind(2): The EAFNOSUPPORT is non-optional; however, the test code is bogus, in that it has to specify an existing address family, such as AF_INET, rather than a potentially loaded/pluggable address family. Because this is a negative assertion test, it needs to hit on something that's actually guaranteed to be there, such as AF_INET or AF_UNIX.

The EINVAL in bind(2) is an optional error return: "The bind() function may fail if..."; this indicates that bounds checking of the length is not a requirement. The rationale for this is to allow a larger-than-needed buffer to be used for a sockaddr and take it to a sockaddr_in as a void value, if needed, such that different values can be used (this is derived from the SVID III definition for the TLI implementation of separation of naming, from which the POSIX tests are originally derived). You could (potentially) make a case for bounds checking for a known address family (not pluggable) on the basis of the decode of the sin_family/sin_addr tuple, but the standard does not require it.

connect(2): The EINVAL is similarly an optional error return: "The connect() function may fail if"... same base rationale.

listen(2): The EDESTADDRREQ is similarly non-optional; again, however, the test is bogus for its use of an out of range/undefined address family definition.

---

NB: I believe Andrew and Neil would be open to giving a select group of FreeBSD developers access to the actual test suite, perhaps later this year, assuming additional discussion and closed access to the test suite to a select group.

It should very much be noted that in any conflict between the test suite and the standard, the test suite is assumed to be more correct than the actual standard, unless you file a TSD (Test Suite Deficiency) report, and The Open Group and the Austin Group agree that a test suite change is warranted by the rationale for the report.

-- 
You are receiving this mail because:
You are the assignee for the bug.
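
The split the comment draws between mandatory and optional ("may fail") error returns for bind(2), as an added example that is not part of the original message or of the VSX4 test suite: a negative test on an AF_INET socket that requires EAFNOSUPPORT for an address of another existing family, and accepts either EINVAL or success for a truncated address length. The names `verdict`, `judge`, `probe`, `probe_wrong_family` and `probe_short_len` are hypothetical, and treating any other errno as a failure is an assumption of this example.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

enum verdict { V_PASS, V_NOT_ENFORCED, V_FAIL };

/* mandatory=1: errno the call must return; 0: errno it "may" return. */
enum verdict judge(int mandatory, int want, int rc, int got)
{
    if (rc == -1 && got == want)
        return V_PASS;
    if (!mandatory && rc == 0)
        return V_NOT_ENFORCED;  /* optional check absent: still conformant */
    return V_FAIL;              /* assumption: any other result needs review */
}

/* Call bind() on a fresh AF_INET stream socket and judge the outcome. */
static enum verdict probe(const struct sockaddr *sa, socklen_t len,
                          int mandatory, int want)
{
    int s = socket(AF_INET, SOCK_STREAM, 0);
    if (s == -1) return V_FAIL;
    int rc = bind(s, sa, len);
    int got = errno;            /* only meaningful when rc == -1 */
    close(s);
    return judge(mandatory, want, rc, got);
}

/* Mandatory EAFNOSUPPORT: an existing family (AF_UNIX), wrong for this socket. */
enum verdict probe_wrong_family(void)
{
    struct sockaddr_un un = { .sun_family = AF_UNIX };
    return probe((struct sockaddr *)&un, sizeof un, 1, EAFNOSUPPORT);
}

/* Optional EINVAL: a valid loopback address passed with a truncated length. */
enum verdict probe_short_len(void)
{
    struct sockaddr_in in = { .sin_family = AF_INET,
                              .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    return probe((struct sockaddr *)&in, sizeof in - 1, 0, EINVAL);
}

int main(void)
{
    return printf("wrong family=%d short length=%d\n",
                  probe_wrong_family(), probe_short_len()) < 0;
}
```

Following the reading given in the comment, the first probe has to report 0 (`V_PASS`), while the second may report 0 or 1 (`V_NOT_ENFORCED`).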