From owner-freebsd-net Wed Feb 27 22: 7:59 2002 Delivered-To: freebsd-net@freebsd.org Received: from cheer.mahoroba.org (flets19-017.kamome.or.jp [218.45.19.17]) by hub.freebsd.org (Postfix) with ESMTP id 5F82E37B417; Wed, 27 Feb 2002 22:07:53 -0800 (PST) Received: from localhost (IDENT:BHicxuhNOymoeoWnBlYX0/gHakUHd03zswn/U2RkwNHFclDmiGKNc1tSepTCtD9D@localhost [IPv6:::1]) (user=ume mech=CRAM-MD5 bits=0) by cheer.mahoroba.org (8.12.2/8.12.2) with ESMTP/inet6 id g1S67iEv093424 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 28 Feb 2002 15:07:48 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Thu, 28 Feb 2002 15:07:44 +0900 Message-ID: From: Hajimu UMEMOTO To: Rob Braun Cc: freebsd-net@FreeBSD.ORG Subject: Re: proposed changes to getnameinfo() implementation In-Reply-To: <200202272105.g1RL50J21344@lh.synack.net> References: <200202272105.g1RL50J21344@lh.synack.net> User-Agent: xcite1.38> Wanderlust/2.8.1 (Something) SEMI/1.14.3 (Ushinoya) FLIM/1.14.3 (=?ISO-8859-4?Q?Unebigory=F2mae?=) APEL/10.3 Emacs/21.1 (i386--freebsd) MULE/5.0 (=?ISO-2022-JP?B?GyRCOC1MWhsoQg==?=) X-Operating-System: FreeBSD 4.5-RELEASE MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: text/plain; charset=US-ASCII X-Virus-Scanned: by AMaViS-perl11-milter (http://amavis.org/) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, >>>>> On Wed, 27 Feb 2002 13:04:59 -0800 >>>>> Rob Braun said: bbraun> getnameinfo() takes a struct sockaddr pointer, and a length bbraun> parameter for the amount of memory pointed to by the struct bbraun> sockaddr pointer. No, the second parameter is not the amount of memory pointed to by the struct sockaddr pointer. It is the size of the struct sockaddr according to the address family. bbraun> The current FreeBSD implementation of getnameinfo() does bbraun> 2 problematic checks against the length parameter. First, bbraun> it makes sure the length parameter is equal to the length bbraun> specified in the passed in sockaddr structure. This is bbraun> problematic because the length parameter refers to the bbraun> amount of memory pointed to by the first parameter, and bbraun> the struct sockaddr sa_len field is used to specify the bbraun> size of the sockaddr structure, since there are different bbraun> types of sockaddr structures with different lengths. RFC2553 defines two types of struct sockaddr, one has sa_len and the other doesn't has it. Though we *BSD has sa_len, non-BSD doesn't have it. bbraun> I propose to change this exact match comparison to ensure bbraun> that the length passed in is at least what the sa_len bbraun> field is. This will allow a larger structure to be passed bbraun> in than the size of the sockaddr structure for the desired bbraun> protocol. It shouldn't. Though we actually doesn't need the second parameter of getnameinfo(), it is the alternative of the sa_len for the systems which don't have sa_len. To keep the portability of the application, we must set the size of the struct sockaddr according to the address family correctly. So, we should do such sanity checking. Furthermore, all of KAME delivered getnameinfo() including the version shipped by ISC do the checking. Changing to only FreeBSD will cause confusion. Sincerely, -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message