Alle lunedì 21 novembre 2011, Samuel Thibault ha scritto: > Pino Toscano, le Mon 21 Nov 2011 01:25:55 +0100, a écrit : > > attached there is a patch for glibc to check for negative indexes > > in _hurd_socket_server(). > > Thanks! Could you submit it to libc-alpha? (with rol...@gnu.org > CC-ed)
Updated patch in form of git commit. (I have already the copyright assignment for glibc done.) -- Pino Toscano
From 4e31da499e47738cee4784b4d14f2164e84fe711 Mon Sep 17 00:00:00 2001
From: Pino Toscano <toscano.p...@tiscali.it>
Date: Mon, 21 Nov 2011 14:21:03 +0100
Subject: [PATCH] hurdsock: reject negative domains
Reject negative socket domains right away; otherwise, it is possible to read
and set out-of-bounds locations of the `servers' array (returning the values
at those invalid memory locations), and even try to deallocate ports with
random values if the `dead' parameter is different than zero.
---
ChangeLog | 5 +++++
hurd/hurdsock.c | 6 ++++++
2 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index d9866de..472cb7c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2011-11-21 Pino Toscano <toscano.p...@tiscali.it>
+
+ * hurd/hurdsock.c (_hurd_socket_server): Check for negative domains,
+ and reject them.
+
2011-11-17 Ulrich Drepper <drep...@gmail.com>
* Makefile.in: Remove CVSOPT handling.
diff --git a/hurd/hurdsock.c b/hurd/hurdsock.c
index a01b8aa..f2817e3 100644
--- a/hurd/hurdsock.c
+++ b/hurd/hurdsock.c
@@ -47,6 +47,12 @@ _hurd_socket_server (int domain, int dead)
{
socket_t server;
+ if (domain < 0)
+ {
+ errno = EAFNOSUPPORT;
+ return MACH_PORT_NULL;
+ }
+
HURD_CRITICAL_BEGIN;
__mutex_lock (&lock);
--
1.7.7.1
signature.asc
Description: This is a digitally signed message part.
