[unix(4) cleanup 8/8] Fix a double connect race.
AbandonedPublic
Actions

Authored by markj on Sep 2 2020, 5:01 PM.

Tags

None

Referenced Files

	F146307627: D26301.diff
	Sun, Mar 1, 2:50 PM

	Unknown Object (File)
	Fri, Feb 20, 3:48 PM

	Unknown Object (File)
	Thu, Feb 19, 6:38 PM

	Unknown Object (File)
	Thu, Feb 19, 3:32 PM

	Unknown Object (File)
	Jan 2 2026, 5:11 PM

	Unknown Object (File)
	Dec 11 2025, 8:53 PM

	Unknown Object (File)
	Nov 10 2025, 11:36 PM

	Unknown Object (File)
	Nov 9 2025, 10:52 AM

View All 76 Files

Subscribers

emaste

Details

Reviewers: None

Summary

dgram sockets may be connected multiple times. If connect() is called
on a connected dgram socket, soconnectat() calls sodisconnect() before
creating the new connection. However, this is not synchronized, so two
concurrent connect() calls can race with each other, and uipc_connect()
does not handle it. Add an explicit check for unp_conn != NULL in
unp_connectat().

Reported by: syzkaller