[src/netbsd-7-0]: src/sys Pull up following revision(s) via patch (requested ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-7-0]: src/sys Pull up following revision(s) via patch (requested ...
From: martin <martin%NetBSD.org@localhost>
Date: Fri, 19 Apr 2019 18:18:04 +0000

details:   https://anonhg.NetBSD.org/src/rev/cb6de2bb204a
branches:  netbsd-7-0
changeset: 450593:cb6de2bb204a
user:      martin <martin%NetBSD.org@localhost>
date:      Fri Apr 19 16:03:08 2019 +0000

description:
Pull up following revision(s) via patch (requested by christos in ticket #1689):

        sys/compat/linux/common/linux_socket.c: revision 1.145
        sys/net/if.c: revision 1.449
        sys/compat/linux32/common/linux32_socket.c: revision 1.30
        sys/compat/common/uipc_syscalls_40.c: revision 1.19

Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack
disclosure. From Andy Nguyen, many thanks!

 -

Zero out the ifreq struct for SIOCGIFCONF to avoid up to 127 bytes of stack
disclosure. From Andy Nguyen, many thanks! This is the compat code part
pointed out by ozaki-r@

diffstat:

 sys/compat/common/uipc_syscalls_40.c       |  5 +++--
 sys/compat/linux/common/linux_socket.c     |  5 +++--
 sys/compat/linux32/common/linux32_socket.c |  5 +++--
 sys/net/if.c                               |  5 +++--
 4 files changed, 12 insertions(+), 8 deletions(-)

diffs (101 lines):

diff -r 178b04fe1b0c -r cb6de2bb204a sys/compat/common/uipc_syscalls_40.c
--- a/sys/compat/common/uipc_syscalls_40.c      Tue Apr 16 03:57:12 2019 +0000
+++ b/sys/compat/common/uipc_syscalls_40.c      Fri Apr 19 16:03:08 2019 +0000
@@ -1,9 +1,9 @@
-/*     $NetBSD: uipc_syscalls_40.c,v 1.7 2011/01/19 10:21:16 tsutsui Exp $     */
+/*     $NetBSD: uipc_syscalls_40.c,v 1.7.34.1 2019/04/19 16:03:09 martin Exp $ */
 
 /* written by Pavel Cahyna, 2006. Public domain. */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.7 2011/01/19 10:21:16 tsutsui Exp $");
+__KERNEL_RCSID(0, "$NetBSD: uipc_syscalls_40.c,v 1.7.34.1 2019/04/19 16:03:09 martin Exp $");
 
 /*
  * System call interface to the socket abstraction.
@@ -39,6 +39,7 @@
        int space, error = 0;
        const int sz = (int)sizeof(ifr);
 
+       memset(&ifr, 0, sizeof(ifr));
        if ((ifrp = ifc->ifc_req) == NULL)
                space = 0;
        else
diff -r 178b04fe1b0c -r cb6de2bb204a sys/compat/linux/common/linux_socket.c
--- a/sys/compat/linux/common/linux_socket.c    Tue Apr 16 03:57:12 2019 +0000
+++ b/sys/compat/linux/common/linux_socket.c    Fri Apr 19 16:03:08 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux_socket.c,v 1.119.2.1 2015/01/17 12:10:54 martin Exp $    */
+/*     $NetBSD: linux_socket.c,v 1.119.2.1.2.1 2019/04/19 16:03:08 martin Exp $        */
 
 /*-
  * Copyright (c) 1995, 1998, 2008 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.119.2.1 2015/01/17 12:10:54 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux_socket.c,v 1.119.2.1.2.1 2019/04/19 16:03:08 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -1124,6 +1124,7 @@
        if (error)
                return error;
 
+       memset(&ifr, 0, sizeof(ifr));
        ifrp = ifc.ifc_req;
        if (ifrp == NULL)
                space = 0;
diff -r 178b04fe1b0c -r cb6de2bb204a sys/compat/linux32/common/linux32_socket.c
--- a/sys/compat/linux32/common/linux32_socket.c        Tue Apr 16 03:57:12 2019 +0000
+++ b/sys/compat/linux32/common/linux32_socket.c        Fri Apr 19 16:03:08 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: linux32_socket.c,v 1.18 2014/05/17 21:26:20 rmind Exp $ */
+/*     $NetBSD: linux32_socket.c,v 1.18.4.1 2019/04/19 16:03:09 martin Exp $ */
 
 /*-
  * Copyright (c) 2006 Emmanuel Dreyfus, all rights reserved.
@@ -33,7 +33,7 @@
 
 #include <sys/cdefs.h>
 
-__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.18 2014/05/17 21:26:20 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: linux32_socket.c,v 1.18.4.1 2019/04/19 16:03:09 martin Exp $");
 
 #include <sys/types.h>
 #include <sys/param.h>
@@ -423,6 +423,7 @@
        if (error)
                return error;
 
+       memset(&ifr, 0, sizeof(ifr));
        ifrp = NETBSD32PTR64(ifc.ifc_req);
        if (ifrp == NULL)
                space = 0;
diff -r 178b04fe1b0c -r cb6de2bb204a sys/net/if.c
--- a/sys/net/if.c      Tue Apr 16 03:57:12 2019 +0000
+++ b/sys/net/if.c      Fri Apr 19 16:03:08 2019 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if.c,v 1.290.2.1 2014/11/11 12:20:28 martin Exp $      */
+/*     $NetBSD: if.c,v 1.290.2.1.2.1 2019/04/19 16:03:08 martin Exp $  */
 
 /*-
  * Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc.
@@ -90,7 +90,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.290.2.1 2014/11/11 12:20:28 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.290.2.1.2.1 2019/04/19 16:03:08 martin Exp $");
 
 #include "opt_inet.h"
 
@@ -2092,6 +2092,7 @@
        int space, error = 0;
        const int sz = (int)sizeof(struct ifreq);
 
+       memset(&ifr, 0, sizeof(ifr));
        if ((ifrp = ifc->ifc_req) == NULL)
                space = 0;
        else

Prev by Date: [src/netbsd-7-0]: src/doc Ticket #1689
Next by Date: [src/trunk]: src/sys/arch/ia64/ia64 In map_vhpt(), read pmap_vhpt_log2size be...
Previous by Thread: [src/netbsd-7-0]: src/doc Ticket #1689
Next by Thread: [src/trunk]: src/sys/arch/ia64/ia64 In map_vhpt(), read pmap_vhpt_log2size be...
Indexes:

Home | Main Index | Thread Index | Old Index