Date: Tue, 26 Feb 2019 05:01:54 +0000
From: <Weike.Chen@Dell.com>
To: <brooks@freebsd.org>
Cc: <emulation@FreeBSD.org>
Subject: RE: Potential issues for linux socket syscall
Message-ID: <81956e2f64b843258fc49e33aaca7a2d@KULX13MDC127.APAC.DELL.COM>
In-Reply-To: <20190225184502.GC47081@spindle.one-eyed-alien.net>
References: <b2d310eaeb304bf1bdcaa49efe8c4f86@KULX13MDC127.APAC.DELL.COM> <20190225184502.GC47081@spindle.one-eyed-alien.net>
> From: Brooks Davis <brooks@freebsd.org>
> Sent: Tuesday, February 26, 2019 2:45 AM
> To: Chen, Weike <Weike_Chen@Dell.com>
> Cc: emulation@FreeBSD.org
> Subject: Re: Potential issues for linux socket syscall
>
> On Thu, Feb 21, 2019 at 02:57:23AM +0000, Weike.Chen@Dell.com wrote:
> >
> > Hi Linux emulation experts,
> >
> > I find a potential issue on FreeBSD 12 official release for Linux emulation syscall.
> >
> > The function 'linux_getsockname' in 'linux_socket.c' calls 'bsd_to_linux_sockaddr', and it calls 'bsd_to_linux_domain' to convert 'sa_family' from BSD domain to Linux domain.
> >
> > But after calling 'bsd_to_linux_sockaddr', 'linux_sa_put' is called, and it calls 'bsd_to_linux_domain' to convert 'sa_family' from BSD domain to Linux domain again.
> > But the 'sa_family' has already been converted.
> > Since the value of AF_INET6 and LINUX_AF_INET6 is different, converting twice will cause an issue.
>
> This code is definitely unsafe. I'd opened a bug to track some of these issues a little while ago at:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232920.
>
> Would you mind pasting your analysis into that report?

I have pasted the analysis with the case and testing result on freebsd and linux.

> Do you have a simple test case? I only hit the issue while auditing some general code and so was leary about trying to fix unfamiliar code without one.
>
> Thanks,
> Brooks
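The double-translation hazard the thread describes, as an added C illustration that is not code from the thread, from FreeBSD's linux_socket.c, or from Dell. The mapping table is constructed and deliberately tiny; the numeric values are the real ones (AF_UNIX is 1 and AF_INET is 2 on both systems, AF_INET6 is 28 on FreeBSD and 10 on Linux). The function names family_translated_once, family_translated_twice and double_translation_is_masked are this example's own. The -1 from the second lookup is a property of this small table: with the kernel's full table the second lookup returns whatever Linux family the BSD family numbered 10 happens to map to, which is equally wrong. The masked check shows why a test using AF_INET or AF_UNIX cannot see the bug and why an AF_INET6 socket is the useful test case.

```c
#include <stddef.h>
#include <stdio.h>

/*
 * Constructed mapping, NOT FreeBSD's linux_socket.c table.
 * Real values: AF_UNIX and AF_INET coincide on both systems,
 * AF_INET6 is 28 on FreeBSD and 10 on Linux.
 * (Member is named "lnx", not "linux": gcc predefines "linux" as a macro.)
 */
#define BSD_AF_UNIX     1
#define BSD_AF_INET     2
#define BSD_AF_INET6    28
#define LINUX_AF_UNIX   1
#define LINUX_AF_INET   2
#define LINUX_AF_INET6  10

static const struct {
    int bsd;
    int lnx;
} domain_map[] = {
    { BSD_AF_UNIX,  LINUX_AF_UNIX  },
    { BSD_AF_INET,  LINUX_AF_INET  },
    { BSD_AF_INET6, LINUX_AF_INET6 },
};

/* Translate a BSD address family to its Linux value; -1 if unmapped. */
int bsd_to_linux_domain(int bsd_family)
{
    for (size_t i = 0; i < sizeof(domain_map) / sizeof(domain_map[0]); i++)
        if (domain_map[i].bsd == bsd_family)
            return domain_map[i].lnx;
    return -1;
}

/*
 * Models the reported path: the sockaddr conversion translates sa_family,
 * then the put step translates the already-Linux value a second time,
 * treating a Linux family number as if it were a BSD one.
 */
int family_translated_twice(int bsd_family)
{
    int first = bsd_to_linux_domain(bsd_family);   /* BSD -> Linux: correct */
    if (first < 0)
        return -1;
    return bsd_to_linux_domain(first);             /* Linux value fed back in: wrong */
}

/* Intended behaviour: exactly one translation at the ABI boundary. */
int family_translated_once(int bsd_family)
{
    return bsd_to_linux_domain(bsd_family);
}

/*
 * Returns 1 when translating twice yields the same value as translating once,
 * i.e. when a test built on this family cannot observe the defect.
 */
int double_translation_is_masked(int bsd_family)
{
    return family_translated_twice(bsd_family) == family_translated_once(bsd_family);
}

int main(void)
{
    const int families[] = { BSD_AF_UNIX, BSD_AF_INET, BSD_AF_INET6 };

    for (size_t i = 0; i < sizeof(families) / sizeof(families[0]); i++) {
        int f = families[i];
        printf("BSD family %2d: once=%3d twice=%3d masked=%s\n", f,
               family_translated_once(f), family_translated_twice(f),
               double_translation_is_masked(f) ? "yes" : "no");
    }
    return 0;
}
```

Compiled with a plain `cc` invocation, the AF_UNIX and AF_INET rows report the defect as masked, and only the AF_INET6 row differs between one and two translations, which is the observable symptom of getsockname() on an IPv6 socket under the emulator that the report describes.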