Re: install/42436

To: install-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,dholland%eecs.harvard.edu@localhost
Subject: Re: install/42436
From: Martin Husemann <martin%duskware.de@localhost>
Date: Tue, 12 Jan 2010 20:05:03 +0000 (UTC)

The following reply was made to PR install/42436; it has been noted by GNATS.

From: Martin Husemann <martin%duskware.de@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: dholland%eecs.harvard.edu@localhost, is%NetBSD.org@localhost
Subject: Re: install/42436
Date: Tue, 12 Jan 2010 21:03:01 +0100

 Since the sockaddr changes struct ifreq and struct ifmediareq are no longer
 "compatible" in the strange kind of way this code assumed. (The crash happens
 dereferencing sa_in, which is NULL, in the code below after the first ioctl.)
 
 Proof of concept patch below (not even compile tested, but you get the idea).
 If nobody beats me to it, I'll test and commit tomorrow.
 
 Martin
 
 Index: net.c
 ===================================================================
 RCS file: /cvsroot/src/distrib/utils/sysinst/net.c,v
 retrieving revision 1.123
 diff -c -u -p -r1.123 net.c
 --- net.c      16 Oct 2009 19:01:03 -0000      1.123
 +++ net.c      12 Jan 2010 19:56:35 -0000
 @@ -303,7 +303,25 @@ get_ifconfig_info(void)
  }
  
  static int
 -do_ifreq(struct ifmediareq *ifmr, unsigned long cmd)
 +do_ifreq(struct ifreq *ifr, unsigned long cmd)
 +{
 +      int sock;
 +      int rval;
 +
 +      sock = socket(PF_INET, SOCK_DGRAM, 0);
 +      if (sock == -1)
 +              return -1;
 +
 +      memset(ifr, 0, sizeof *ifr);
 +      strncpy(ifr->ifr_name, net_dev, sizeof ifr->ifr_name);
 +      rval = ioctl(sock, cmd, ifr);
 +      close(sock);
 +
 +      return rval;
 +}
 +
 +static int
 +do_ifmreq(struct ifmediareq *ifmr, unsigned long cmd)
  {
        int sock;
        int rval;
 @@ -324,19 +342,20 @@ do_ifreq(struct ifmediareq *ifmr, unsign
  static void
  get_ifinterface_info(void)
  {
 +      struct ifreq ift;
        struct ifmediareq ifmr;
 -      struct sockaddr_in *sa_in = (void *)&((struct ifreq *)&ifmr)->ifr_addr;
 +      struct sockaddr_in *sa_in = (void*)&ifr.ifr_addr;
        int modew;
        const char *media_opt;
        const char *sep;
  
 -      if (do_ifreq(&ifmr, SIOCGIFADDR) == 0 && sa_in->sin_addr.s_addr != 0)
 +      if (do_ifreq(&ifr, SIOCGIFADDR) == 0 && sa_in->sin_addr.s_addr != 0)
                strlcpy(net_ip, inet_ntoa(sa_in->sin_addr), sizeof net_ip);
  
 -      if (do_ifreq(&ifmr, SIOCGIFNETMASK) == 0 && sa_in->sin_addr.s_addr != 0)
 +      if (do_ifreq(&ifr, SIOCGIFNETMASK) == 0 && sa_in->sin_addr.s_addr != 0)
                strlcpy(net_mask, inet_ntoa(sa_in->sin_addr), sizeof net_mask);
  
 -      if (do_ifreq(&ifmr, SIOCGIFMEDIA) == 0) {
 +      if (do_ifmreq(&ifmr, SIOCGIFMEDIA) == 0) {
                /* Get the name of the media word */
                modew = ifmr.ifm_current;
                strlcpy(net_media, get_media_subtype_string(modew),

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: Re: port-alpha/38358 (LOCKDEBUG panic when attaching tsp1)
Previous by Thread: Re: install/42436
Next by Thread: Re: install/42436
Indexes:

Home | Main Index | Thread Index | Old Index