From owner-cvs-src@FreeBSD.ORG Mon May 10 08:36:44 2004 Return-Path: Delivered-To: cvs-src@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0630216A4CE; Mon, 10 May 2004 08:36:44 -0700 (PDT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.236]) by mx1.FreeBSD.org (Postfix) with ESMTP id 790A443D5D; Mon, 10 May 2004 08:36:43 -0700 (PDT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 3160BACC62; Mon, 10 May 2004 17:36:42 +0200 (CEST) Date: Mon, 10 May 2004 17:36:42 +0200 From: Pawel Jakub Dawidek To: "Christian S.J. Peron" Message-ID: <20040510153642.GE24376@darkness.comp.waw.pl> References: <200405101507.i4AF7N6L010886@repoman.freebsd.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="+FEWvIKKURwZl3fO" Content-Disposition: inline In-Reply-To: <200405101507.i4AF7N6L010886@repoman.freebsd.org> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: cvs-src@FreeBSD.org cc: src-committers@FreeBSD.org cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/net rtsock.c X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 May 2004 15:36:44 -0000 --+FEWvIKKURwZl3fO Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, May 10, 2004 at 08:07:23AM -0700, Christian S.J. Peron wrote: +> Modified files: +> sys/net rtsock.c=20 +> Log: +> Zero the un-used portions of the struct sockaddr data before sending +> it back to userspace, so it does not break bind(2) on raw sockets in j= ails. +> =20 +> Currently some processes, like traceroute(8) construct a routing reque= st +> to determine its source address based on the destination. This sockaddr +> data is fed directly to bind(2). When bind calls ifa_ifwithaddr(9) to +> make sure the address exists on the interface, the comparison will +> fail causing bind(2) to return EADDRNOTAVAIL if the data wasnt zero'ed +> before initialization. [...] +> if (jailed(so->so_cred)) { +> + memset(&jail, 0, sizeof(jail)); +> jail.sin_family =3D PF_INET; Why not bzero()? --=20 Pawel Jakub Dawidek http://www.FreeBSD.org pjd@FreeBSD.org http://garage.freebsd.pl FreeBSD committer Am I Evil? Yes, I Am! --+FEWvIKKURwZl3fO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAn6GKForvXbEpPzQRAkgEAKCCLMxgJyyfTVxUEETqiIjhbqArEACfb17X /dhnmCeUOyntlwpJquJT++M= =lLYS -----END PGP SIGNATURE----- --+FEWvIKKURwZl3fO--