Re: [PATCH,TRIVIAL] AF_UNIX, accept() and addrlen

David Miller, le Sun 23 Mar 2008 21:56:41 -0700, a écrit :
From: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>
Date: Sat, 8 Mar 2008 02:23:21 +0000

Accept and getpeername are supposed to return the amount of bytes
written in the returned address. However, on unnamed sockets, only
sizeof(short) is returned, while a 0 is put in the sun_path member.
This patch adds 1 for that additional byte.

Signed-off-by: Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>

This change isn't correct. It's the fact that the
length returned is sizeof(short) that tells the caller
that the unix socket is unnamed.

Mmm, where that is documented?

I can't find any details about that in SUS, and man 7 unix says

`If sun_path starts with a null byte ('' '), then it refers to the
abstract namespace main- tained by the Unix protocol module.'

It doesn't talk about the size being only sizeof(short) (which I guess
you meant sizeof(sa_family_t) actually).

We zero out the sun_path[0] member just to be polite and tidy.

You would break applications if you changed this, so
marking this patch as "trivial" is extremely premature.

See documentation above. If applications don't follow documentation,
then they deserve breaking :)

Note also that on some (BSD-ish) systems, sockaddr_un contains a sun_len
field, containing the length of the data, and thus on them accept and
getpeername return more that sizeof(sa_family_t) as length (it actually
returns 16). So such applications are really broken.

Samuel
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Relevant Pages

  • Re: Testing MS Security Patches?
    ... > be to test those applications on which your business depends. ... >>testing procedures before implementing MS security patches through out our ... Download the patch. ...
    (microsoft.public.security)
  • Re: Testing MS Security Patches?
    ... >implementing MS security updates on production systems. ... be to test those applications on which your business depends. ... Download the patch. ...
    (microsoft.public.security)
  • Re: Testing MS Security Patches?
    ... >> be to test those applications on which your business depends. ... >> entirely likely that they've already been tested by Microsoft. ... Download the patch. ...
    (microsoft.public.security)
  • Re: GSoC2007: cnst-sensors.2007-09-13.patch
    ... Second, since this patch is not only about the framework, but about some Super I/O Hardware Monitoring drivers too, let me once again reiterate on the popularity of the chips that are supported by the lmand itdrivers. ... On this 256th day of 2007, it is my great pleasure to announce the completion of my GSoC2007 project on porting the sysctl hardware sensors framework from OpenBSD to FreeBSD. ... sysctldocumentation for hardware sensors ...
    (freebsd-current)
  • Whats the thing? FreeBSD Security AdvisoryFreeBSD-SA-03:08.realpath (fwd)
    ... I downloaded the patch and said in /usr/src: ... The realpathfunction is part of the FreeBSD ... Applications using realpathMAY be vulnerable to denial of service ... In both of the cases above, the realpathvulnerability may be ...
    (freebsd-questions)