[kdump] Protect against over-long sockaddr length field.
Needs ReviewPublic
Actions

Authored by peterj on Aug 17 2023, 11:26 AM.

Tags

None

Referenced Files

	F132469845: D41488.diff
	Fri, Oct 17, 4:59 AM

	Unknown Object (File)
	Sep 8 2025, 1:30 PM

	Unknown Object (File)
	Jul 31 2025, 5:14 AM

	Unknown Object (File)
	Jul 30 2025, 10:16 AM

	Unknown Object (File)
	Jul 28 2025, 9:04 AM

	Unknown Object (File)
	Jul 26 2025, 11:46 PM

	Unknown Object (File)
	Jul 19 2025, 2:09 PM

	Unknown Object (File)
	Jul 12 2025, 7:37 AM

View All 54 Files

Subscribers

None

This revision needs review, but there are no reviewers specified.

Details

Reviewers: None

Summary

Checks ensure that the incoming sockaddr length field is not too
short but don't protect against it being too long - in which case,
the local family-specific sockaddr will be overflowed.

Implement stricter checks for AF_INET and AF_INET6 sockaddr's:

If the incoming length is too short, it will just report that the sockaddr is invalid.
If the incoming length is too short, it will decode the address and port and also print that it's too long. (The kernel also reports EINVAL in this case).

For AF_UNIX sockaddrs, directly print from the original sockaddr,
rather than copying it. Since sa_len has already been validated,
there's no need for additional validation.

Diff Detail

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

peterj requested review of this revision.Aug 17 2023, 11:26 AM

peterj created this revision.

Revision Contents
Changeset List

Path

Size

usr.bin/

kdump/

kdump.c

30 lines

Diff 126114

View Options

[kdump] Protect against over-long sockaddr length field.Needs ReviewPublicActions