Date: Wed, 12 Feb 2020 15:51:29 +0000 (UTC) From: Mark Johnston <markj@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r357825 - stable/12/lib/libc/net Message-ID: <202002121551.01CFpTZR051720@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: markj Date: Wed Feb 12 15:51:29 2020 New Revision: 357825 URL: https://svnweb.freebsd.org/changeset/base/357825 Log: MFC r357575: Improve validation of the sockaddr length in iruserok_sa(). PR: 243747 Modified: stable/12/lib/libc/net/rcmd.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/libc/net/rcmd.c ============================================================================== --- stable/12/lib/libc/net/rcmd.c Wed Feb 12 15:46:33 2020 (r357824) +++ stable/12/lib/libc/net/rcmd.c Wed Feb 12 15:51:29 2020 (r357825) @@ -438,8 +438,8 @@ iruserok_sa(const void *ra, int rlen, int superuser, c struct sockaddr_storage ss; /* avoid alignment issue */ - if (rlen > sizeof(ss)) - return(-1); + if (rlen <= 0 || rlen > sizeof(ss)) + return (-1); memcpy(&ss, ra, rlen); raddr = (struct sockaddr *)&ss;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202002121551.01CFpTZR051720>