Date:      Mon, 25 Feb 2019 18:45:02 +0000
From:      Brooks Davis <brooks@freebsd.org>
To:        Weike.Chen@Dell.com
Cc:        emulation@FreeBSD.org
Subject:   Re: Potential issues for linux socket syscall
Message-ID:  <20190225184502.GC47081@spindle.one-eyed-alien.net>
In-Reply-To: <b2d310eaeb304bf1bdcaa49efe8c4f86@KULX13MDC127.APAC.DELL.COM>

On Thu, Feb 21, 2019 at 02:57:23AM +0000, Weike.Chen@Dell.com wrote:
> 
> Hi Linux emulation experts,
> 
> I find a potential issue on FreeBSD 12 official release for Linux emulation syscall.
> 
> The function 'linux_getsockname' in 'linux_socket.c' calls 'bsd_to_linux_sockaddr', and it calls 'bsd_to_linux_domain' to convert 'sa_family' from BSD domain to Linux domain.
> 
> But after calling 'bsd_to_linux_sockaddr', 'linux_sa_put' is called, and it calls 'bsd_to_linux_domain' to convert 'sa_family' from BSD domain to Linux domain again.
> But the 'sa_family' has already been converted.
> Since the values of AF_INET6 and LINUX_AF_INET6 are different, converting twice will cause an issue.

This code is definitely unsafe.  I'd opened a bug to track some of these
issues a little while ago at:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232920.

Would you mind pasting your analysis into that report?

Do you have a simple test case?  I only hit the issue while auditing
some general code and so was leery about trying to fix unfamiliar code
without one.

Thanks,
Brooks
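
Added example (not part of the original message and not FreeBSD source): a userland model of the double conversion described in the quoted report, showing which address families survive a second pass and why an IPv4-only test would not expose the problem. `model_bsd_to_linux_domain`, `convert_twice` and `survives_double_conversion` are hypothetical names, and the four-entry table is an assumed simplification of the kernel's `bsd_to_linux_domain`.

```c
#include <stdio.h>

/* Numeric family values: FreeBSD <sys/socket.h> and the Linux ABI. */
enum { BSD_AF_UNSPEC = 0, BSD_AF_LOCAL = 1, BSD_AF_INET = 2, BSD_AF_INET6 = 28 };
enum { LNX_AF_UNSPEC = 0, LNX_AF_UNIX = 1, LNX_AF_INET = 2, LNX_AF_INET6 = 10 };

/* Simplified stand-in for bsd_to_linux_domain(): four families only
 * (assumption). Anything else is reported as unmapped (-1); the real
 * table has more entries and may return another family's number. */
static int model_bsd_to_linux_domain(int domain)
{
    switch (domain) {
    case BSD_AF_UNSPEC: return LNX_AF_UNSPEC;
    case BSD_AF_LOCAL:  return LNX_AF_UNIX;
    case BSD_AF_INET:   return LNX_AF_INET;
    case BSD_AF_INET6:  return LNX_AF_INET6;
    default:            return -1;
    }
}

/* Apply the conversion twice, as the getsockname path in the report does. */
static int convert_twice(int bsd_family)
{
    int once = model_bsd_to_linux_domain(bsd_family);
    return once < 0 ? once : model_bsd_to_linux_domain(once);
}

/* 1 if a second conversion leaves the once-converted value unchanged. */
static int survives_double_conversion(int bsd_family)
{
    return convert_twice(bsd_family) == model_bsd_to_linux_domain(bsd_family);
}

int main(void)
{
    static const struct { const char *name; int af; } cases[] = {
        { "AF_UNSPEC", BSD_AF_UNSPEC }, { "AF_LOCAL", BSD_AF_LOCAL },
        { "AF_INET", BSD_AF_INET }, { "AF_INET6", BSD_AF_INET6 },
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("%-9s bsd=%2d once=%2d twice=%2d %s\n", cases[i].name,
               cases[i].af, model_bsd_to_linux_domain(cases[i].af),
               convert_twice(cases[i].af),
               survives_double_conversion(cases[i].af) ? "ok" : "CORRUPTED");
    return 0;
}
```

Families whose number is the same on both systems are fixed points of the mapping, so a regression test for this path needs an AF_INET6 socket.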
