Page MenuHomeFreeBSD
Differential D31422

tcp, udp: improve input validation in bind()
ClosedPublic
Actions

Authored by tuexen on Aug 5 2021, 11:03 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Feb 12, 7:01 PM
Unknown Object (File)
Tue, Feb 11, 7:55 PM
Unknown Object (File)
Wed, Feb 5, 2:06 AM
Unknown Object (File)
Sat, Feb 1, 4:35 AM
Unknown Object (File)
Jan 25 2025, 5:21 PM
Unknown Object (File)
Jan 24 2025, 7:55 AM
Unknown Object (File)
Jan 20 2025, 7:08 AM
Unknown Object (File)
Jan 15 2025, 7:16 PM
View All 54 Files
Subscribers
glebius
imp
melifaro

Details

Reviewers
markj
rscheff
rrs
Group Reviewers
transport
Commits
rGdb8fc0ef23d1: tcp, udp: improve input validation in handling bind()
rG3f1f6b6ef7f6: tcp, udp: improve input validation in handling bind()
Summary

This fixes:

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

tuexen created this revision.Aug 5 2021, 11:03 AM
Herald added a reviewer: transport. · View Herald TranscriptAug 5 2021, 11:03 AM
Herald added a subscriber: melifaro. · View Herald Transcript
tuexen requested review of this revision.Aug 5 2021, 11:03 AM
tuexen added reviewers: rscheff, rrs.
rscheff accepted this revision.Aug 5 2021, 11:08 AM

lgtm

This revision is now accepted and ready to land.Aug 5 2021, 11:08 AM
markj accepted this revision.Aug 5 2021, 12:44 PM

Thank you.

sys/netinet/tcp_usrreq.c
329

I would just check nam->sa_len != sizeof(*sinp) since we perform that exact check again below. This is ok though.

tuexen marked an inline comment as done.Aug 5 2021, 1:04 PM
tuexen added inline comments.
sys/netinet/tcp_usrreq.c
329

I was considering that or even just do the check for sa_len before the check for sa_family. I decided to do it this way to report EINVAL if sa_len is not correct as often as possible.

Closed by commit rG3f1f6b6ef7f6: tcp, udp: improve input validation in handling bind() (authored by tuexen). · Explain WhyAug 5 2021, 1:12 PM
This revision was automatically updated to reflect the committed changes.
tuexen marked an inline comment as done.
tuexen added a commit: rG3f1f6b6ef7f6: tcp, udp: improve input validation in handling bind().
tuexen added a commit: rGdb8fc0ef23d1: tcp, udp: improve input validation in handling bind().Feb 22 2022, 10:28 PM
Herald added subscribers: glebius, imp. · View Herald TranscriptFeb 22 2022, 10:28 PM

Revision Contents
Changeset List

PathSize
sys/
netinet/
1 line
1 line

Diff 93267

View Options

sys/netinet/tcp_usrreq.c

Loading...
View Options

sys/netinet/udp_usrreq.c

Loading...