[kdump] Protect against over-long sockaddr length field.
Needs Review, Public

Authored by peterj on Aug 17 2023, 11:26 AM.
This revision needs review, but there are no reviewers specified.

Details

Reviewers
None
Summary

Checks ensure that the incoming sockaddr length field is not too
short but don't protect against it being too long - in which case,
the local family-specific sockaddr will be overflowed.

Implement stricter checks for AF_INET and AF_INET6 sockaddrs:

  • If the incoming length is too short, it will just report that the sockaddr is invalid.
  • If the incoming length is too short, it will decode the address and port and also print that it's too long. (The kernel also reports EINVAL in this case.)

For AF_UNIX sockaddrs, directly print from the original sockaddr,
rather than copying it. Since sa_len has already been validated,
there's no need for additional validation.
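
The length handling described in the summary, as an added example that is not code from this revision or from kdump. The struct layout, the names (demo_sin, decode_sin, sa_status) and the sample bytes are constructed for illustration; the record is assumed to start with a one-byte claimed length, as BSD sockaddrs do.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a BSD-style sockaddr_in (16 bytes, no padding). */
struct demo_sin {
    uint8_t len;      /* claimed length, copied from the untrusted record */
    uint8_t family;
    uint8_t port[2];  /* network byte order */
    uint8_t addr[4];
    uint8_t zero[8];
};

enum sa_status { SA_INVALID, SA_OK, SA_TOO_LONG };

/* Decode an IPv4 sockaddr from buf (buflen bytes available) into out. */
enum sa_status decode_sin(const uint8_t *buf, size_t buflen,
                          char *out, size_t outlen)
{
    struct demo_sin sin;
    size_t claimed = buflen ? buf[0] : 0;
    int n;

    /* Too short, or claiming more bytes than the record holds: reject. */
    if (claimed < sizeof(sin) || claimed > buflen) {
        snprintf(out, outlen, "invalid");
        return SA_INVALID;
    }
    /* Copy the size of the local struct, never the claimed length. */
    memcpy(&sin, buf, sizeof(sin));
    n = snprintf(out, outlen, "%u.%u.%u.%u:%u",
        (unsigned)sin.addr[0], (unsigned)sin.addr[1], (unsigned)sin.addr[2],
        (unsigned)sin.addr[3], ((unsigned)sin.port[0] << 8) | sin.port[1]);
    if (claimed == sizeof(sin))
        return SA_OK;
    /* Over-long: still decoded, but flagged in the output. */
    if (n > 0 && (size_t)n < outlen)
        snprintf(out + n, outlen - (size_t)n, " (too long)");
    return SA_TOO_LONG;
}

int main(void)
{
    /* Constructed record: claims 32 bytes where 16 are expected. */
    uint8_t rec[32] = {32, 2, 0x00, 0x50, 192, 0, 2, 1};
    char out[64];

    decode_sin(rec, sizeof(rec), out, sizeof(out));
    puts(out);
    return 0;
}
```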

Event Timeline

peterj created this revision.