Page MenuHomeFreeBSD
Differential D31422

tcp, udp: improve input validation in bind()
ClosedPublic
Actions

Authored by tuexen on Aug 5 2021, 11:03 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Apr 9, 5:05 PM
Unknown Object (File)
Feb 14 2024, 2:29 AM
Unknown Object (File)
Feb 10 2024, 5:12 AM
Unknown Object (File)
Dec 30 2023, 4:26 PM
Unknown Object (File)
Dec 21 2023, 2:21 PM
Unknown Object (File)
Dec 13 2023, 11:22 AM
Unknown Object (File)
Dec 1 2023, 6:04 AM
Unknown Object (File)
Nov 16 2023, 9:57 PM
View All 22 Files
Subscribers
glebius
imp
melifaro

Details

Reviewers
markj
rscheff
rrs
Group Reviewers
transport
Commits
rGdb8fc0ef23d1: tcp, udp: improve input validation in handling bind()
rG3f1f6b6ef7f6: tcp, udp: improve input validation in handling bind()
Summary

This fixes:

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

tuexen created this revision.Aug 5 2021, 11:03 AM
Herald added a reviewer: transport. · View Herald TranscriptAug 5 2021, 11:03 AM
Herald added a subscriber: melifaro. · View Herald Transcript
tuexen requested review of this revision.Aug 5 2021, 11:03 AM
tuexen added reviewers: rscheff, rrs.
rscheff accepted this revision.Aug 5 2021, 11:08 AM

lgtm

This revision is now accepted and ready to land.Aug 5 2021, 11:08 AM
markj accepted this revision.Aug 5 2021, 12:44 PM

Thank you.

sys/netinet/tcp_usrreq.c
329

I would just check nam->sa_len != sizeof(*sinp) since we perform that exact check again below. This is ok though.

tuexen marked an inline comment as done.Aug 5 2021, 1:04 PM
tuexen added inline comments.
sys/netinet/tcp_usrreq.c
329

I was considering that or even just do the check for sa_len before the check for sa_family. I decided to do it this way to report EINVAL if sa_len is not correct as often as possible.

Closed by commit rG3f1f6b6ef7f6: tcp, udp: improve input validation in handling bind() (authored by tuexen). · Explain WhyAug 5 2021, 1:12 PM
This revision was automatically updated to reflect the committed changes.
tuexen marked an inline comment as done.
tuexen added a commit: rG3f1f6b6ef7f6: tcp, udp: improve input validation in handling bind().
tuexen added a commit: rGdb8fc0ef23d1: tcp, udp: improve input validation in handling bind().Feb 22 2022, 10:28 PM
Herald added subscribers: glebius, imp. · View Herald TranscriptFeb 22 2022, 10:28 PM

Revision Contents
Changeset List

PathSize
sys/
netinet/
1 line
1 line

Diff 93267

View Options

sys/netinet/tcp_usrreq.c

Loading...
View Options

sys/netinet/udp_usrreq.c

Loading...