Message-Id: <200202272105.g1RL50J21344@lh.synack.net>
To: freebsd-net@FreeBSD.ORG
From: Rob Braun
Subject: proposed changes to getnameinfo() implementation
Date: Wed, 27 Feb 2002 13:04:59 -0800

getnameinfo() takes a struct sockaddr pointer, and a length parameter for the amount of memory pointed to by the struct sockaddr pointer. The current FreeBSD implementation of getnameinfo() does 2 problematic checks against the length parameter.

First, it makes sure the length parameter is equal to the length specified in the passed-in sockaddr structure. This is problematic because the length parameter refers to the amount of memory pointed to by the first parameter, and the struct sockaddr sa_len field is used to specify the size of the sockaddr structure, since there are different types of sockaddr structures with different lengths. I propose to change this exact match comparison to ensure that the length passed in is at least what the sa_len field is. This will allow a larger structure to be passed in than the size of the sockaddr structure for the desired protocol.

The second comparison is similar to the first. The passed-in length field is compared to the size of the sockaddr structure for the address family you're using. Again, I propose to make sure that the passed-in length is at least as large as the known structure length.

With these changes, it still ensures that enough memory is available to proceed, but it also allows more memory than is needed.

Rob

diff -u -d -b -w -u -d -r1.7 getnameinfo.c --- getnameinfo.c 2001/02/15 10:35:54 1.7 +++ getnameinfo.c 2002/02/27 20:48:14 @@ -119,7 +119,7 @@ if (sa == NULL) return ENI_NOSOCKET; - if (sa->sa_len != salen) + if (sa->sa_len > salen) return ENI_SALEN; family = sa->sa_family; 
@@ -131,7 +131,7 @@ return ENI_FAMILY; found: - if (salen != afd->a_socklen) + if (salen < afd->a_socklen) return ENI_SALEN; /* network byte order */
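
Review bot: in the first hunk, `sa->sa_len > salen` reads sa->sa_len, and the following context line reads sa->sa_family, before anything shows that salen is large enough to cover those fields, so a very small salen is compared against memory the caller never said was there. Now that salen is treated as a buffer size and no longer as the exact address length, reject a salen too small to hold the length and family fields first, and add a comment saying salen is only a lower bound so that later code sizes its reads from sa->sa_len or afd->a_socklen.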
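
Review bot: with `salen < afd->a_socklen` in the second hunk and `sa->sa_len > salen` in the first, nothing ties sa->sa_len to afd->a_socklen any more, whereas the old pair of `!=` tests forced all three values to be equal. A sockaddr whose sa_len is smaller than the family's structure now passes whenever the caller's salen is large enough. If the code after `found:` relies on a full-size structure, add `if (sa->sa_len < afd->a_socklen) return ENI_SALEN;` next to the new test.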
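
As an added example (not part of the original message or the FreeBSD source), the C code below models the two length checks before and after the proposed change, using constructed BSD-style structures; every `ex_`/`EX_` name is hypothetical. It shows a storage-sized `salen` rejected by the exact-match checks and accepted by the at-least checks, and that the at-least checks on their own also accept an `sa_len` shorter than the family's structure.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed BSD-style layouts (assumption: sa_len precedes sa_family). */
struct ex_sockaddr    { uint8_t sa_len; uint8_t sa_family; char sa_data[14]; };
struct ex_sockaddr_in { uint8_t sin_len; uint8_t sin_family; uint16_t sin_port;
                        uint8_t sin_addr[4]; char sin_zero[8]; };
struct ex_storage     { uint8_t ss_len; uint8_t ss_family; char pad[126]; };

#define EX_AF_INET 2
enum { EX_OK = 0, EX_NOSOCKET, EX_FAMILY, EX_SALEN };

/* Hypothetical stand-in for the afd table: family -> structure size. */
static size_t ex_socklen(uint8_t family) {
    return family == EX_AF_INET ? sizeof(struct ex_sockaddr_in) : 0;
}

/* exact != 0: the removed "!=" checks; exact == 0: the added ">" and "<". */
int ex_check(const struct ex_sockaddr *sa, size_t salen, int exact) {
    size_t want;
    if (sa == NULL) return EX_NOSOCKET;
    if (exact ? sa->sa_len != salen : sa->sa_len > salen) return EX_SALEN;
    if ((want = ex_socklen(sa->sa_family)) == 0) return EX_FAMILY;
    if (exact ? salen != want : salen < want) return EX_SALEN;
    return EX_OK;
}

/* Constructed sample: an IPv4 address held in a storage-sized buffer. */
int ex_run(int exact, uint8_t declared_len, size_t salen) {
    struct ex_storage ss;
    memset(&ss, 0, sizeof ss);
    ss.ss_len = declared_len;
    ss.ss_family = EX_AF_INET;
    return ex_check((const struct ex_sockaddr *)&ss, salen, exact);
}

int main(void) {
    printf("exact,   salen=128: %d\n", ex_run(1, 16, sizeof(struct ex_storage)));
    printf("relaxed, salen=128: %d\n", ex_run(0, 16, sizeof(struct ex_storage)));
    printf("relaxed, sa_len=2:  %d\n", ex_run(0, 2, sizeof(struct ex_storage)));
    return 0;
}
```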