From owner-freebsd-bugs Sun Dec 14 09:50:06 1997
Message-Id: <199712141734.SAA00682@fasterix.frmug.org>
Date: Sun, 14 Dec 1997 18:34:20 +0100 (CET)
From: Pierre Beyssac
Reply-To: pb@fasterix.freenix.org
To: FreeBSD-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: 3.2
Subject: kern/5291: oaccept() not correctly returning peer address
Sender: owner-freebsd-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>Number: 5291
>Category: kern
>Synopsis: oaccept() not correctly returning peer address
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Dec 14 09:50:01 PST 1997
>Last-Modified:
>Originator: Pierre Beyssac
>Organization: individual
>Release: FreeBSD 3.0-CURRENT i386
>Environment:
3.0-current kernel compiled with COMPAT_43. Linux emulator.
>Description:
oaccept() doesn't correctly return the peer sockaddr. This is the same as the previous problem with recvfrom().
>How-To-Repeat:
Use any Linux program which does an accept() and displays the peer address. I used "nc -l -vv -p 1200", then telnet localhost 1200.
>Fix:
--- uipc_syscalls.c.orig Sun Dec 14 15:05:04 1997 +++ uipc_syscalls.c Sun Dec 14 18:28:44 1997 @@ -242,15 +242,16 @@ goto gotnoname; return 0; } if (uap->name) { + /* check sa_len before it is destroyed */ + if (namelen > sa->sa_len) + namelen = sa->sa_len; #ifdef COMPAT_OLDSOCK if (compat) ((struct osockaddr *)sa)->sa_family = sa->sa_family; #endif - if (namelen > sa->sa_len) - namelen = sa->sa_len; error = copyout(sa, (caddr_t)uap->name, (u_int)namelen); if (!error) gotnoname: error = copyout((caddr_t)&namelen,
>Audit-Trail:
>Unformatted:
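Review bot: The relocated clamp `if (namelen > sa->sa_len)` only bounds namelen from above, and the copyout that follows casts it with `(u_int)namelen`; the hunk does not show namelen's type or any earlier lower-bound check, so if it is a signed value taken from the caller, a negative length would pass the clamp and become a very large copy size. Please confirm it is rejected before this point, or add an explicit check next to the clamp. The new comment could also say what destroys sa_len: the store through `(struct osockaddr *)sa` under COMPAT_OLDSOCK is what overwrites it, and spelling that out would stop the two statements from being reordered again. Since the report says recvfrom() had the same problem, it is worth checking any other COMPAT_OLDSOCK block in this file that does the same cast for a clamp placed after it.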