Date: Thu, 11 Aug 2022 09:38:31 GMT
From: Kristof Provost <kp@FreeBSD.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject: git: fd6b3bede5a5 - main - if_ovpn: reject non-UDP sockets
Message-ID: <202208110938.27B9cVTJ097906@gitrepo.freebsd.org>
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=fd6b3bede5a5c210f327e5c9bd3e415ee905048b commit fd6b3bede5a5c210f327e5c9bd3e415ee905048b Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2022-08-11 08:30:39 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2022-08-11 08:40:03 +0000 if_ovpn: reject non-UDP sockets We must ensure that the fd provided by userspace is really for a UDP socket. If it's not we'll panic in udp_set_kernel_tunneling(). Reported by: Gert Doering <gert@greenie.muc.de> Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/net/if_ovpn.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c index 37814783fe3f..7d5d384a6f75 100644 --- a/sys/net/if_ovpn.c +++ b/sys/net/if_ovpn.c @@ -559,6 +559,12 @@ ovpn_new_peer(struct ifnet *ifp, const nvlist_t *nvl) goto error_locked; } + /* Make sure this is really a UDP socket. */ + if (so->so_type != SOCK_DGRAM || so->so_proto->pr_type != SOCK_DGRAM) { + ret = EPROTOTYPE; + goto error_locked; + } + /* Must be the same socket as for other peers on this interface. */ if (sc->so != NULL && so != sc->so) goto error_locked;
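Review bot: The new condition in ovpn_new_peer() tests only the socket type, not the protocol, so it is weaker than the comment "Make sure this is really a UDP socket" and the commit message claim. Both halves, `so->so_type != SOCK_DGRAM` and `so->so_proto->pr_type != SOCK_DGRAM`, ask whether this is a datagram socket; any datagram socket that is not UDP passes and still reaches udp_set_kernel_tunneling(), which is the panic this change is meant to prevent. Consider also rejecting on the protocol itself, for example `so->so_proto->pr_protocol != IPPROTO_UDP`, and if the tunneling call assumes an inet or inet6 socket, checking the domain as well. Returning EPROTOTYPE through the existing error_locked path is fine. A regression test that passes a non-UDP fd from userspace and expects the error would keep this from coming back.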