diff options
| author |   bluhm <bluhm@openbsd.org> | 2017-08-11 19:53:02 +0000 |
|---|---|---|
| committer | bluhm <bluhm@openbsd.org> | 2017-08-11 19:53:02 +0000 |
| commit | b2a698ea6719f662ac4da32c3ddecf2a70ba1bfa (patch) | |
| tree | 22f6930257029040f57e778eac3c8e68c738b004 /sys/netinet/in.c | |
| parent | Check whether the first two characters of $HISTFILE are the magic (diff) | |
| download | wireguard-openbsd-b2a698ea6719f662ac4da32c3ddecf2a70ba1bfa.tar.xz wireguard-openbsd-b2a698ea6719f662ac4da32c3ddecf2a70ba1bfa.zip | |
Validate sockaddr from userland in central functions. This results
in common checks for unix, inet, inet6 instead of partial checks
here and there. Some checks are already done at a higher layer,
but better be paranoid with user input.
OK claudio@ millert@
Diffstat (limited to 'sys/netinet/in.c')
| -rw-r--r-- | sys/netinet/in.c | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/sys/netinet/in.c b/sys/netinet/in.c index 4aa12f06985..71e58d18943 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in.c,v 1.139 2017/05/29 14:36:22 mpi Exp $ */ +/* $OpenBSD: in.c,v 1.140 2017/08/11 19:53:02 bluhm Exp $ */ /* $NetBSD: in.c,v 1.26 1996/02/13 23:41:39 christos Exp $ */ /* @@ -164,6 +164,24 @@ in_len2mask(struct in_addr *mask, int len) p[i] = (0xff00 >> (len % 8)) & 0xff; } +int +in_nam2sin(const struct mbuf *nam, struct sockaddr_in **sin) +{ + struct sockaddr *sa = mtod(nam, struct sockaddr *); + + if (nam->m_len < offsetof(struct sockaddr, sa_data)) + return EINVAL; + if (sa->sa_family != AF_INET) + return EAFNOSUPPORT; + if (sa->sa_len != nam->m_len) + return EINVAL; + if (sa->sa_len != sizeof(struct sockaddr_in)) + return EINVAL; + *sin = satosin(sa); + + return 0; +} + /* * Generic internet control operations (ioctl's). */ |