Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-7-1]: src/sys Pull up following revision(s) via patch (requested ...



details:   https://anonhg.NetBSD.org/src/rev/796dcf0a1816
branches:  netbsd-7-1
changeset: 450591:796dcf0a1816
user:      martin <martin%NetBSD.org@localhost>
date:      Fri Apr 19 16:02:24 2019 +0000

description:
Pull up following revision(s) via patch (requested by christos in ticket #1689):

        sys/compat/linux/common/linux_socket.c: revision 1.145
        sys/net/if.c: revision 1.449
        sys/compat/linux32/common/linux32_socket.c: revision 1.30
        sys/compat/common/uipc_syscalls_40.c: revision 1.19

Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack
disclosure. From Andy Nguyen, many thanks!

 -

Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack
disclosure. From Andy Nguyen, many thanks! This is the compat code part
pointed out by ozaki-r@

diffstat:

 sys/compat/common/uipc_syscalls_40.c       |  5 +++--
 sys/compat/linux/common/linux_socket.c     |  5 +++--
 sys/compat/linux32/common/linux32_socket.c |  5 +++--
 sys/net/if.c                               |  5 +++--
 4 files changed, 12 insertions(+), 8 deletions(-)

diffs (101 lines):

diff -r 2afd81a6a806 -r 796dcf0a1816 sys/compat/common/uipc_syscalls_40.c
--- a/sys/compat/common/uipc_syscalls_40.c      Tue Apr 16 03:57:33 2019 +0000
+++ b/sys/compat/common/uipc_syscalls_40.c      Fri Apr 19 16:02:24 2019 +0000
@@ -1,9 +1,9 @@
-/*     $NetBSD: uipc_syscalls_40.c,v 1.7 2011/01/19 10:21:16 tsutsui Exp $     */
+/*     $NetBSD: uipc_syscalls_40.c,v 1.7.38.1 2019/04/19 16:02:24 martin Exp $ */
 
 /* written by Pavel Cahyna, 2006. Public domain. */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.7 2011/01/19 10:21:16 tsutsui Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.7.38.1 2019/04/19 16:02:24 martin Exp $");
 
 /*
  * System call interface to the socket abstraction.
@@ -39,6 +39,7 @@
        int space, error = 0;
        const int sz = (int)sizeof(ifr);
 
+       memset(&ifr, 0, sizeof(ifr));
        if ((ifrp = ifc->ifc_req) == NULL)
                space = 0;
        else
diff -r 2afd81a6a806 -r 796dcf0a1816 sys/compat/linux/common/linux_socket.c
--- a/sys/compat/linux/common/linux_socket.c    Tue Apr 16 03:57:33 2019 +0000
+++ b/sys/compat/linux/common/linux_socket.c    Fri Apr 19 16:02:24 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_socket.c,v 1.119.2.1 2015/01/17 12:10:54 martin Exp $    */
+/*     $NetBSD: linux_socket.c,v 1.119.2.1.6.1 2019/04/19 16:02:24 martin Exp $        */
 
 /*-
  * Copyright (c) 1995, 1998, 2008 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.119.2.1 2015/01/17 12:10:54 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.119.2.1.6.1 2019/04/19 16:02:24 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -1124,6 +1124,7 @@
        if (error)
                return error;
 
+       memset(&ifr, 0, sizeof(ifr));
        ifrp = ifc.ifc_req;
        if (ifrp == NULL)
                space = 0;
diff -r 2afd81a6a806 -r 796dcf0a1816 sys/compat/linux32/common/linux32_socket.c
--- a/sys/compat/linux32/common/linux32_socket.c        Tue Apr 16 03:57:33 2019 +0000
+++ b/sys/compat/linux32/common/linux32_socket.c        Fri Apr 19 16:02:24 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux32_socket.c,v 1.18 2014/05/17 21:26:20 rmind Exp $ */
+/*     $NetBSD: linux32_socket.c,v 1.18.8.1 2019/04/19 16:02:24 martin Exp $ */
 
 /*-
  * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved.
@@ -33,7 +33,7 @@
 
 #include <sys/cdefs.h>
 
-__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.18 2014/05/17 21:26:20 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.18.8.1 2019/04/19 16:02:24 martin Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -423,6 +423,7 @@
        if (error)
                return error;
 
+       memset(&ifr, 0, sizeof(ifr));
        ifrp = NETBSD32PTR64(ifc.ifc_req);
        if (ifrp == NULL)
                space = 0;
diff -r 2afd81a6a806 -r 796dcf0a1816 sys/net/if.c
--- a/sys/net/if.c      Tue Apr 16 03:57:33 2019 +0000
+++ b/sys/net/if.c      Fri Apr 19 16:02:24 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if.c,v 1.290.2.1 2014/11/11 12:20:28 martin Exp $      */
+/*     $NetBSD: if.c,v 1.290.2.1.6.1 2019/04/19 16:02:24 martin Exp $  */
 
 /*-
  * Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc.
@@ -90,7 +90,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.290.2.1 2014/11/11 12:20:28 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.290.2.1.6.1 2019/04/19 16:02:24 martin Exp $");
 
 #include "opt_inet.h"
 
@@ -2092,6 +2092,7 @@
        int space, error = 0;
        const int sz = (int)sizeof(struct ifreq);
 
+       memset(&ifr, 0, sizeof(ifr));
        if ((ifrp = ifc->ifc_req) == NULL)
                space = 0;
        else



Home | Main Index | Thread Index | Old Index