author | 2008-03-24 16:07:37 +0000 | |
---|---|---|
committer | 2008-03-24 16:07:37 +0000 | |
commit | 1b373d95a3cd9be4650f2188421c16de78cfd118 (patch) | |
tree | 1079a682b2f825a58e6c1c52c24d99ff7460772c | |
parent | - since we are in control of shared library versions, advise people to (diff) | |
We were led astray (like many others before us) to believe that
msg_controllen should be CMSG_LEN() instead of CMSG_SPACE() because
the kernel fd passing code was erroring out when
"cm->cmsg_len != control->m_len"
instead of
"CMSG_ALIGN(cm->cmsg_len) != control->m_len".
On machines with 16-byte alignment, when one thinks about how the ALIGN
padding happens, it is clear that msg_controllen has to be CMSG_SPACE()
or the kernel cannot hope to bounds check the messages correctly.
For now, change the check to cm->cmsg_len > control->m_len to permit the
old ABI to continue working. Later perhaps when all the old binaries
are gone we can stop permitting their use.
lots of discussion with kettenis
-rw-r--r-- | sys/kern/uipc_usrreq.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c index 104ac5f0ca4..2d8e791aaf3 100644 --- a/sys/kern/uipc_usrreq.c +++ b/sys/kern/uipc_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_usrreq.c,v 1.37 2007/11/28 16:56:46 tedu Exp $ */ +/* $OpenBSD: uipc_usrreq.c,v 1.38 2008/03/24 16:07:37 deraadt Exp $ */ /* $NetBSD: uipc_usrreq.c,v 1.18 1996/02/09 19:00:50 christos Exp $ */ /* @@ -733,8 +733,16 @@ unp_internalize(struct mbuf *control, struct proc *p) int i, error; int nfds, *ip, fd, neededspace; + /* XXX + * To be more strict with the API/ABI, the following check for + * cm->cmsg_len > control->m_len + * should be changed to + * CMSG_ALIGN(cm->cmsg_len) != control->m_len + * after 4.3 is released (and all callers correctly set msg_controllen + * using CMSG_SPACE(). In particular, sparc64 alignment changes. + */ if (cm->cmsg_type != SCM_RIGHTS || cm->cmsg_level != SOL_SOCKET || - cm->cmsg_len != control->m_len) + cm->cmsg_len > control->m_len) return (EINVAL); nfds = (cm->cmsg_len - CMSG_ALIGN(sizeof(*cm))) / sizeof (int); |
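Review bot: In the unp_internalize hunk, relaxing the test to `cm->cmsg_len > control->m_len` leaves no lower bound on cm->cmsg_len ahead of the context line that computes nfds as `(cm->cmsg_len - CMSG_ALIGN(sizeof(*cm))) / sizeof (int)`. The old equality test tied cmsg_len to control->m_len; with the new test every value from zero up to control->m_len passes, so a cmsg_len shorter than the aligned header reaches that subtraction. Consider rejecting `cm->cmsg_len < CMSG_ALIGN(sizeof(*cm))` in the same condition. Separately, the XXX comment opens a parenthesis at "(and all callers" that is never closed, and it would be worth stating there how bytes between cm->cmsg_len and control->m_len are treated now that the two may differ.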