
ifconf(): correct handling of sockaddrs smaller than struct sockaddr.
Closed, Public

Authored by brooks on Apr 5 2018, 10:18 PM.

Details

Summary

Portable programs that use SIOCGIFCONF (e.g. traceroute) assume that each pseudo
ifreq is of length MAX(sizeof(struct ifreq), sizeof(ifr_name) + ifr_addr.sa_len). For
short sockaddrs we copied too much from the source sockaddr resulting in a heap
leak.

I believe only one such sockaddr exists (struct sockaddr_sco, which
is 8 bytes) and it is unclear if such sockaddrs end up on interfaces
in practice. If they did, the result would be an 8-byte heap leak on current architectures.
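
The over-copy described in the summary, as an added userland illustration (not the FreeBSD code or the committed diff). The structs `demo_sockaddr` and `demo_ifreq`, the 16-byte `arena`, the family value 36 and all helper names are constructed stand-ins.

```c
#include <stdio.h>
#include <string.h>

/* Stand-ins (assumed layout) for the BSD struct sockaddr and struct ifreq. */
struct demo_sockaddr { unsigned char sa_len, sa_family; char sa_data[14]; };
struct demo_ifreq { char ifr_name[16]; struct demo_sockaddr ifr_addr; };

/* Constructed heap: an 8-byte sockaddr (sa_len 8, constructed family 36)
 * followed by 8 bytes that belong to a neighbouring allocation. */
static const unsigned char arena[16] = {
    8, 36, 0, 0, 0, 0, 0, 0, 0xA5, 0xA5, 0xA5, 0xA5, 0xA5, 0xA5, 0xA5, 0xA5 };
static struct demo_ifreq last;   /* entry produced by the latest run */

/* Before: copy sizeof(struct sockaddr) bytes regardless of sa_len. */
static void fill_overcopy(struct demo_ifreq *ifr, const unsigned char *sa) {
    memcpy(&ifr->ifr_addr, sa, sizeof(ifr->ifr_addr));
}

/* After: zero the slot, copy sa_len bytes, leave sa_len as it was.
 * Only sockaddrs no larger than the slot are covered here. */
static void fill_bounded(struct demo_ifreq *ifr, const unsigned char *sa) {
    size_t n = sa[0] < sizeof(ifr->ifr_addr) ? sa[0] : sizeof(ifr->ifr_addr);
    memset(&ifr->ifr_addr, 0, sizeof(ifr->ifr_addr));
    memcpy(&ifr->ifr_addr, sa, n);
}

/* Entry length a portable SIOCGIFCONF consumer assumes (see the summary). */
static size_t entry_stride(const struct demo_ifreq *ifr) {
    size_t named = sizeof(ifr->ifr_name) + ifr->ifr_addr.sa_len;
    return named > sizeof(*ifr) ? named : sizeof(*ifr);
}

/* Build one entry; count non-zero bytes past sa_len (neighbour data). */
static int stray_bytes(int bounded) {
    const unsigned char *p = (const unsigned char *)&last.ifr_addr;
    int n = 0;
    memset(&last, 0, sizeof(last));
    (bounded ? fill_bounded : fill_overcopy)(&last, arena);
    for (size_t i = last.ifr_addr.sa_len; i < sizeof(last.ifr_addr); i++)
        n += p[i] != 0;
    return n;
}

int main(void) {
    printf("over-copy: %d stray bytes\n", stray_bytes(0));
    printf("bounded: %d stray, stride %zu\n", stray_bytes(1), entry_stride(&last));
    return 0;
}
```

With `sa_len` left at 8, the consumer's stride stays `sizeof(struct ifreq)`, so the bounded copy changes what the padding contains without changing how entries are walked.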

Diff Detail

Repository
rS FreeBSD src repository - subversion

Event Timeline

sys/net/if.c
3158 ↗(On Diff #41158)

But is it correct to report a larger sa_len than the expected size of the address family's address?

sys/net/if.c
3158 ↗(On Diff #41158)

I misread the code I was looking at and you are correct that we should not alter the sa_len. I'll fix it.

brooks marked 2 inline comments as done.
  • Preserve the sa_len of short sockaddrs. I misread the traceroute code.

I've updated the commit message to reflect my revised understanding.

This revision is now accepted and ready to land. Apr 6 2018, 4:39 PM
This revision was automatically updated to reflect the committed changes.