Thu Sep 3 15:01:19 2015 UTC ()
PR/50195: Henning Petersen: Incorrect check in getnameinfo_link.


(christos)
diff -r1.56 -r1.57 src/lib/libc/net/getnameinfo.c
cvs diff -r1.56 -r1.57 src/lib/libc/net/getnameinfo.c (expand / switch to unified diff)

--- src/lib/libc/net/getnameinfo.c 2015/05/15 14:26:02 1.56
+++ src/lib/libc/net/getnameinfo.c 2015/09/03 15:01:19 1.57
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: getnameinfo.c,v 1.56 2015/05/15 14:26:02 joerg Exp $ */ 1/* $NetBSD: getnameinfo.c,v 1.57 2015/09/03 15:01:19 christos Exp $ */
2/* $KAME: getnameinfo.c,v 1.45 2000/09/25 22:43:56 itojun Exp $ */ 2/* $KAME: getnameinfo.c,v 1.45 2000/09/25 22:43:56 itojun Exp $ */
3 3
4/* 4/*
5 * Copyright (c) 2000 Ben Harris. 5 * Copyright (c) 2000 Ben Harris.
6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7 * All rights reserved. 7 * All rights reserved.
8 * 8 *
9 * Redistribution and use in source and binary forms, with or without 9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions 10 * modification, are permitted provided that the following conditions
11 * are met: 11 * are met:
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright 14 * 2. Redistributions in binary form must reproduce the above copyright
@@ -37,27 +37,27 @@ @@ -37,27 +37,27 @@
37 * - RFC2553 says that we should raise error on short buffer. X/Open says 37 * - RFC2553 says that we should raise error on short buffer. X/Open says
38 * we need to truncate the result. We obey RFC2553 (and X/Open should be 38 * we need to truncate the result. We obey RFC2553 (and X/Open should be
39 * modified). ipngwg rough consensus seems to follow RFC2553. 39 * modified). ipngwg rough consensus seems to follow RFC2553.
40 * - What is "local" in NI_FQDN? 40 * - What is "local" in NI_FQDN?
41 * - NI_NAMEREQD and NI_NUMERICHOST conflict with each other. 41 * - NI_NAMEREQD and NI_NUMERICHOST conflict with each other.
42 * - (KAME extension) always attach textual scopeid (fe80::1%lo0), if 42 * - (KAME extension) always attach textual scopeid (fe80::1%lo0), if
43 * sin6_scope_id is filled - standardization status? 43 * sin6_scope_id is filled - standardization status?
44 * XXX breaks backward compat for code that expects no scopeid. 44 * XXX breaks backward compat for code that expects no scopeid.
45 * beware on merge. 45 * beware on merge.
46 */ 46 */
47 47
48#include <sys/cdefs.h> 48#include <sys/cdefs.h>
49#if defined(LIBC_SCCS) && !defined(lint) 49#if defined(LIBC_SCCS) && !defined(lint)
50__RCSID("$NetBSD: getnameinfo.c,v 1.56 2015/05/15 14:26:02 joerg Exp $"); 50__RCSID("$NetBSD: getnameinfo.c,v 1.57 2015/09/03 15:01:19 christos Exp $");
51#endif /* LIBC_SCCS and not lint */ 51#endif /* LIBC_SCCS and not lint */
52 52
53#ifndef RUMP_ACTION 53#ifndef RUMP_ACTION
54#include "namespace.h" 54#include "namespace.h"
55#endif 55#endif
56#include <sys/types.h> 56#include <sys/types.h>
57#include <sys/socket.h> 57#include <sys/socket.h>
58#include <sys/un.h> 58#include <sys/un.h>
59#include <net/if.h> 59#include <net/if.h>
60#include <net/if_dl.h> 60#include <net/if_dl.h>
61#include <net/if_ieee1394.h> 61#include <net/if_ieee1394.h>
62#include <net/if_types.h> 62#include <net/if_types.h>
63#include <netatalk/at.h> 63#include <netatalk/at.h>
@@ -526,48 +526,40 @@ getnameinfo_link(const struct sockaddr * @@ -526,48 +526,40 @@ getnameinfo_link(const struct sockaddr *
526 char *host, socklen_t hostlen, char *serv, socklen_t servlen, 526 char *host, socklen_t hostlen, char *serv, socklen_t servlen,
527 int flags) 527 int flags)
528{ 528{
529 const struct sockaddr_dl *sdl = 529 const struct sockaddr_dl *sdl =
530 (const struct sockaddr_dl *)(const void *)sa; 530 (const struct sockaddr_dl *)(const void *)sa;
531 const struct ieee1394_hwaddr *iha; 531 const struct ieee1394_hwaddr *iha;
532 int n; 532 int n;
533 533
534 if (serv != NULL && servlen > 0) 534 if (serv != NULL && servlen > 0)
535 *serv = '\0'; 535 *serv = '\0';
536 536
537 if (sdl->sdl_nlen == 0 && sdl->sdl_alen == 0 && sdl->sdl_slen == 0) { 537 if (sdl->sdl_nlen == 0 && sdl->sdl_alen == 0 && sdl->sdl_slen == 0) {
538 n = snprintf(host, hostlen, "link#%u", sdl->sdl_index); 538 n = snprintf(host, hostlen, "link#%u", sdl->sdl_index);
539 if (n < 0 || (socklen_t) n > hostlen) { 539 goto out;
540 *host = '\0'; 
541 return EAI_MEMORY; 
542 } 
543 return 0; 
544 } 540 }
545 541
546 switch (sdl->sdl_type) { 542 switch (sdl->sdl_type) {
547#ifdef IFT_ECONET 543#ifdef IFT_ECONET
548 case IFT_ECONET: 544 case IFT_ECONET:
549 if (sdl->sdl_alen < 2) 545 if (sdl->sdl_alen < 2)
550 return EAI_FAMILY; 546 return EAI_FAMILY;
551 if (CLLADDR(sdl)[1] == 0) 547 if (CLLADDR(sdl)[1] == 0)
552 n = snprintf(host, hostlen, "%u", CLLADDR(sdl)[0]); 548 n = snprintf(host, hostlen, "%u", CLLADDR(sdl)[0]);
553 else 549 else
554 n = snprintf(host, hostlen, "%u.%u", 550 n = snprintf(host, hostlen, "%u.%u",
555 CLLADDR(sdl)[1], CLLADDR(sdl)[0]); 551 CLLADDR(sdl)[1], CLLADDR(sdl)[0]);
556 if (n < 0 || (socklen_t) n >= hostlen) { 552 goto out;
557 *host = '\0'; 
558 return EAI_MEMORY; 
559 } else 
560 return 0; 
561#endif 553#endif
562 case IFT_IEEE1394: 554 case IFT_IEEE1394:
563 if (sdl->sdl_alen < sizeof(iha->iha_uid)) 555 if (sdl->sdl_alen < sizeof(iha->iha_uid))
564 return EAI_FAMILY; 556 return EAI_FAMILY;
565 iha = 557 iha =
566 (const struct ieee1394_hwaddr *)(const void *)CLLADDR(sdl); 558 (const struct ieee1394_hwaddr *)(const void *)CLLADDR(sdl);
567 return hexname(iha->iha_uid, sizeof(iha->iha_uid), 559 return hexname(iha->iha_uid, sizeof(iha->iha_uid),
568 host, hostlen); 560 host, hostlen);
569 /* 561 /*
570 * The following have zero-length addresses. 562 * The following have zero-length addresses.
571 * IFT_ATM (net/if_atmsubr.c) 563 * IFT_ATM (net/if_atmsubr.c)
572 * IFT_FAITH (net/if_faith.c) 564 * IFT_FAITH (net/if_faith.c)
573 * IFT_GIF (net/if_gif.c) 565 * IFT_GIF (net/if_gif.c)
@@ -581,26 +573,32 @@ getnameinfo_link(const struct sockaddr * @@ -581,26 +573,32 @@ getnameinfo_link(const struct sockaddr *
581 /* 573 /*
582 * The following use IPv4 addresses as link-layer addresses: 574 * The following use IPv4 addresses as link-layer addresses:
583 * IFT_OTHER (net/if_gre.c) 575 * IFT_OTHER (net/if_gre.c)
584 */ 576 */
585 case IFT_ARCNET: /* default below is believed correct for all these. */ 577 case IFT_ARCNET: /* default below is believed correct for all these. */
586 case IFT_ETHER: 578 case IFT_ETHER:
587 case IFT_FDDI: 579 case IFT_FDDI:
588 case IFT_HIPPI: 580 case IFT_HIPPI:
589 case IFT_ISO88025: 581 case IFT_ISO88025:
590 default: 582 default:
591 return hexname((const uint8_t *)CLLADDR(sdl), 583 return hexname((const uint8_t *)CLLADDR(sdl),
592 (size_t)sdl->sdl_alen, host, hostlen); 584 (size_t)sdl->sdl_alen, host, hostlen);
593 } 585 }
 586out:
 587 if (n < 0 || (socklen_t) n >= hostlen) {
 588 *host = '\0';
 589 return EAI_MEMORY;
 590 }
 591 return 0;
594} 592}
595 593
596static int 594static int
597hexname(const uint8_t *cp, size_t len, char *host, socklen_t hostlen) 595hexname(const uint8_t *cp, size_t len, char *host, socklen_t hostlen)
598{ 596{
599 int n; 597 int n;
600 size_t i; 598 size_t i;
601 char *outp = host; 599 char *outp = host;
602 600
603 *outp = '\0'; 601 *outp = '\0';
604 for (i = 0; i < len; i++) { 602 for (i = 0; i < len; i++) {
605 n = snprintf(outp, hostlen, "%s%02x", 603 n = snprintf(outp, hostlen, "%s%02x",
606 i ? ":" : "", cp[i]); 604 i ? ":" : "", cp[i]);