Author: tuexen Date: Fri May 15 14:06:37 2020 New Revision: 361081 URL: https://svnweb.freebsd.org/changeset/base/361081
Log: Allow only IPv4 addresses in sendto() for TCP on AF_INET sockets. This problem was found by looking at syzkaller reproducers for some other problems. Reviewed by: rrs Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D24831 Modified: head/sys/netinet/tcp_usrreq.c Modified: head/sys/netinet/tcp_usrreq.c ============================================================================== --- head/sys/netinet/tcp_usrreq.c Fri May 15 14:00:12 2020 (r361080) +++ head/sys/netinet/tcp_usrreq.c Fri May 15 14:06:37 2020 (r361081) @@ -1037,6 +1037,12 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf error = EINVAL; goto out; } + if ((inp->inp_vflag & INP_IPV6PROTO) == 0) { + if (m != NULL) + m_freem(m); + error = EAFNOSUPPORT; + goto out; + } if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { if (m) m_freem(m); _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "[email protected]"
