diff options
| author |   millert <millert@openbsd.org> | 2019-11-04 17:33:28 +0000 |
|---|---|---|
| committer | millert <millert@openbsd.org> | 2019-11-04 17:33:28 +0000 |
| commit | db8da9c7e033587d91c43fee9b36cfc16b020783 (patch) | |
| tree | cc72feca0aaccf916a1214b612973d700956c3f4 | |
| parent | Apply more 'static' to help the compiler (diff) | |
| download | wireguard-openbsd-db8da9c7e033587d91c43fee9b36cfc16b020783.tar.xz wireguard-openbsd-db8da9c7e033587d91c43fee9b36cfc16b020783.zip | |
Fix an out of bound read/write when using a proxy.
From Lucas AT sexy DOT is. OK job@ kn@
| -rw-r--r-- | usr.bin/nc/netcat.c | 26 | ||||
| -rw-r--r-- | usr.bin/nc/socks.c | 6 |
2 files changed, 21 insertions, 11 deletions
diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c index 503e9aa2b55..a53fe1c4cd6 100644 --- a/usr.bin/nc/netcat.c +++ b/usr.bin/nc/netcat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: netcat.c,v 1.209 2019/10/24 12:48:54 job Exp $ */ +/* $OpenBSD: netcat.c,v 1.210 2019/11/04 17:33:28 millert Exp $ */ /* * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> * Copyright (c) 2015 Bob Beck. All rights reserved. @@ -705,8 +705,12 @@ main(int argc, char *argv[]) fprintf(stderr, "Connection to %s", host); - /* if there is something to report, print IP */ - if (!nflag && (strcmp(host, ipaddr) != 0)) + /* + * if we aren't connecting thru a proxy and + * there is something to report, print IP + */ + if (!nflag && !xflag + && (strcmp(host, ipaddr) != 0)) fprintf(stderr, " (%s)", ipaddr); fprintf(stderr, " %s port [%s/%s] succeeded!\n", @@ -959,12 +963,17 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, set_common_sockopts(s, res->ai_family); - if ((herr = getnameinfo(res->ai_addr, res->ai_addrlen, ipaddr, - NI_MAXHOST, NULL, 0, NI_NUMERICHOST)) != 0) { - if (herr == EAI_SYSTEM) + if (ipaddr != NULL) { + herr = getnameinfo(res->ai_addr, res->ai_addrlen, + ipaddr, NI_MAXHOST, NULL, 0, NI_NUMERICHOST); + switch (herr) { + case 0: + break; + case EAI_SYSTEM: err(1, "getnameinfo"); - else + default: errx(1, "getnameinfo: %s", gai_strerror(herr)); + } } if (timeout_connect(s, res->ai_addr, res->ai_addrlen) == 0) @@ -972,7 +981,8 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, if (vflag) { /* only print IP if there is something to report */ - if (nflag || (strncmp(host, ipaddr, NI_MAXHOST) == 0)) + if (nflag || ipaddr == NULL || + (strncmp(host, ipaddr, NI_MAXHOST) == 0)) warn("connect to %s port %s (%s) failed", host, port, uflag ? "udp" : "tcp"); else diff --git a/usr.bin/nc/socks.c b/usr.bin/nc/socks.c index 5ec5c95cd61..9766be7da49 100644 --- a/usr.bin/nc/socks.c +++ b/usr.bin/nc/socks.c @@ -1,4 +1,4 @@ -/* $OpenBSD: socks.c,v 1.29 2019/07/29 15:19:03 benno Exp $ */ +/* $OpenBSD: socks.c,v 1.30 2019/11/04 17:33:28 millert Exp $ */ /* * Copyright (c) 1999 Niklas Hallqvist. All rights reserved. @@ -53,7 +53,7 @@ #define SOCKS_DOMAIN 3 #define SOCKS_IPV6 4 -int remote_connect(const char *, const char *, struct addrinfo); +int remote_connect(const char *, const char *, struct addrinfo, char *); int socks_connect(const char *, const char *, struct addrinfo, const char *, const char *, struct addrinfo, int, const char *); @@ -201,7 +201,7 @@ socks_connect(const char *host, const char *port, if (authretry++ > 3) errx(1, "Too many authentication failures"); - proxyfd = remote_connect(proxyhost, proxyport, proxyhints); + proxyfd = remote_connect(proxyhost, proxyport, proxyhints, NULL); if (proxyfd < 0) return (-1); |