rtsock: fix buffer overrun (sockaddr misuse)
ClosedPublic
Actions

Authored by takahiro.kurosawa_gmail.com on May 12 2022, 11:24 PM.

Details

Reviewers

melifaro
markj
kp

Group Reviewers

network

Commits

rG94cea2fc0761: rtsock: fix a stack overflow
rG9573cc35555e: rtsock: fix a stack overflow

Summary

struct sockaddr is not sufficient for buffer that can hold any
sockaddr_* structure. struct sockaddr_storage should be used.

Test Plan

ifconfig epair create
ifconfig epair0a inet6 add 2001:db8::1 up
ndp -s 2001:db8::2 02:86:98:2e:96:0b proxy # this triggers kernel stack overflow

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

takahiro.kurosawa_gmail.com created this revision.May 12 2022, 11:24 PM

Herald added subscribers: Contributor Reviews (src), glebius, melifaro and 2 others. · View Herald TranscriptMay 12 2022, 11:24 PM

takahiro.kurosawa_gmail.com requested review of this revision.May 12 2022, 11:24 PM

Harbormaster completed remote builds in B45553: Diff 105927.May 12 2022, 11:24 PM

takahiro.kurosawa_gmail.com added reviewers: melifaro, network.May 12 2022, 11:29 PM

zlei added a subscriber: zlei.May 13 2022, 1:51 AM

markj accepted this revision as: markj.May 13 2022, 1:31 PM

This revision is now accepted and ready to land.May 13 2022, 1:31 PM

Good catch!

sys/net/rtsock.c
807–808	This line is too long.

Closed by commit rG9573cc35555e: rtsock: fix a stack overflow (authored by takahiro.kurosawa_gmail.com, committed by kp). · Explain WhyMay 13 2022, 8:06 PM

This revision was automatically updated to reflect the committed changes.

kp added a commit: rG9573cc35555e: rtsock: fix a stack overflow.

kp added a commit: rG94cea2fc0761: rtsock: fix a stack overflow.May 25 2022, 8:31 AM

Revision Contents
Changeset List

Path

Size

sys/

net/

rtsock.c

10 lines

Diff 105965

View Options

rtsock: fix buffer overrun (sockaddr misuse)ClosedPublicActions