From owner-freebsd-standards@FreeBSD.ORG Thu Jul 3 22:01:39 2014 Return-Path: Delivered-To: freebsd-standards@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 342AA850 for ; Thu, 3 Jul 2014 22:01:39 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 166D9298E for ; Thu, 3 Jul 2014 22:01:39 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.8/8.14.8) with ESMTP id s63M1cP8090426 for ; Thu, 3 Jul 2014 23:01:38 +0100 (BST) (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 191586] FreeBSD doesn't validate negative edgecases in bind(2)/connect(2)/listen(2) like POSIX requires Date: Thu, 03 Jul 2014 22:01:39 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: standards X-Bugzilla-Version: 11.0-CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: lambert.tr@gmail.com X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jul 2014 22:01:39 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191586 Terry Lambert changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lambert.tr@gmail.com --- Comment #2 from Terry Lambert --- Some valid statements, some invalid. You would have to configure the VSX4 tests correctly to expect the results that you'd get, but some of these are optional implement, while still being conformant. For the interfaces in question, the relevant documents are: http://pubs.opengroup.org/onlinepubs/009695399/functions/bind.html http://pubs.opengroup.org/onlinepubs/009695399/functions/connect.html http://pubs.opengroup.org/onlinepubs/009695399/functions/listen.html Comments are by API: bind(2): The EAFNOSUPPORT is non-optional; however, the test code is bogus, in that it has to specify an existing address family, such as AF_INET, rather than a potentially loaded/pluggable address family. Because this is a negative assertion test, it needs to hit on something that's actually guaranteed to be there, such as AF_INET r AF_UNIX. The EINVAL in bind(2) is an optional error return: "The bind() function may fail if..."; this indicates that bounds checking of the length is not a requirement. The rationale for this is to allow a larger-than-needed buffer to be used for a sockaddr and take it to a sockaddr_in as a void value, if needed, such that different values can be used (this is derived from the SVID III definition for the TLI implementation of separation of naming, from which the POSIX tests are originally derived). You could (potentially) make a case for bounds checking for a known address family (not pluggable) on the basis of the decode of the sin_family/sin_addr tuple, but the standard does not require it. connect(2): The EINVAL is similarly an optional error return: "The connect() function may fail if"... same base rationale. listen(2): The EDESTADDRREQ is similarly non-optional; again, however, the test is bogus for its use of an out of range/undefined address family definition. --- NB: I believe Andrew and Neil would be open to giving a select group of FreeBSD developers access to the actual test suite, perhaps later this year, assuming additional discussion and closed access to the test suite to a select group. It should very much be noted that in any conflict between the test suite and the standard, the test suite is assumed to be more correct than the actual standard, unless you file a TSD (Test Suite Deficiency) report, and The Open Group and the Austin Group agree that a test suite change is warranted by the rationale for the report. -- You are receiving this mail because: You are the assignee for the bug.