In the manner of recent changes to unwind(8) and slaacd(8), make imsg

processing more paranoid. Call fatalx() for imsg size mismatches or unexpected/missing imsg fd. OK florian@
author: pamela <pamela@openbsd.org> 2019-03-12 18:47:57 +0000
committer: pamela <pamela@openbsd.org> 2019-03-12 18:47:57 +0000
commit: 0eb5c43b439916044e5a701b69e40930f83c96ea (patch)
tree: 4e63593ce0fbe0fdc7922ee602075a4309e869d2 /usr.sbin/rad/engine.c
parent: Fix HPA in origin mode. (diff)
download: wireguard-openbsd-0eb5c43b439916044e5a701b69e40930f83c96ea.tar.xz
wireguard-openbsd-0eb5c43b439916044e5a701b69e40930f83c96ea.zip
1 files changed, 33 insertions, 10 deletions
diff --git a/usr.sbin/rad/engine.c b/usr.sbin/rad/engine.c
index 9553f1e8d73..4e6089713ef 100644
--- a/usr.sbin/rad/engine.c
+++ b/usr.sbin/rad/engine.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: engine.c,v 1.12 2019/03/11 16:03:20 pamela Exp $	*/
+/*	$OpenBSD: engine.c,v 1.13 2019/03/12 18:47:57 pamela Exp $	*/
 
 /*
  * Copyright (c) 2018 Florian Obser <florian@openbsd.org>
@@ -232,7 +232,9 @@ engine_dispatch_frontend(int fd, short event, void *bula)
 			remove_iface(if_index);
 			break;
 		case IMSG_CTL_LOG_VERBOSE:
-			/* Already checked by frontend. */
+			if (IMSG_DATA_SIZE(imsg) != sizeof(verbose))
+				fatalx("%s: IMSG_CTL_LOG_VERBOSE wrong length: "
+				    "%lu", __func__, IMSG_DATA_SIZE(imsg));
 			memcpy(&verbose, imsg.data, sizeof(verbose));
 			log_setverbose(verbose);
 			break;
@@ -294,16 +296,13 @@ engine_dispatch_main(int fd, short event, void *bula)
 			 * Setup pipe and event handler to the frontend
 			 * process.
 			 */
-			if (iev_frontend) {
-				log_warnx("%s: received unexpected imsg fd "
+			if (iev_frontend)
+				fatalx("%s: received unexpected imsg fd "
 				    "to engine", __func__);
-				break;
-			}
-			if ((fd = imsg.fd) == -1) {
-				log_warnx("%s: expected to receive imsg fd to "
+
+			if ((fd = imsg.fd) == -1)
+				fatalx("%s: expected to receive imsg fd to "
 				   "engine but didn't receive any", __func__);
-				break;
-			}
 
 			iev_frontend = malloc(sizeof(struct imsgev));
 			if (iev_frontend == NULL)
@@ -319,6 +318,8 @@ engine_dispatch_main(int fd, short event, void *bula)
 			event_add(&iev_frontend->ev, NULL);
 			break;
 		case IMSG_RECONF_CONF:
+			if (IMSG_DATA_SIZE(imsg) != sizeof(struct rad_conf))
+				fatalx("%s: IMSG_RECONF_CONF wrong length: %lu",				    __func__, IMSG_DATA_SIZE(imsg));
 			if ((nconf = malloc(sizeof(struct rad_conf))) == NULL)
 				fatal(NULL);
 			memcpy(nconf, imsg.data, sizeof(struct rad_conf));
@@ -328,6 +329,10 @@ engine_dispatch_main(int fd, short event, void *bula)
 			ra_options = &nconf->ra_options;
 			break;
 		case IMSG_RECONF_RA_IFACE:
+			if (IMSG_DATA_SIZE(imsg) != sizeof(struct
+			    ra_iface_conf))
+				fatalx("%s: IMSG_RECONF_RA_IFACE wrong length: "
+				    "%lu", __func__, IMSG_DATA_SIZE(imsg));
 			if ((ra_iface_conf = malloc(sizeof(struct
 			    ra_iface_conf))) == NULL)
 				fatal(NULL);
@@ -342,6 +347,11 @@ engine_dispatch_main(int fd, short event, void *bula)
 			ra_options = &ra_iface_conf->ra_options;
 			break;
 		case IMSG_RECONF_RA_AUTOPREFIX:
+			if (IMSG_DATA_SIZE(imsg) != sizeof(struct
+			    ra_prefix_conf))
+				fatalx("%s: IMSG_RECONF_RA_AUTOPREFIX wrong "
+				    "length: %lu", __func__,
+				    IMSG_DATA_SIZE(imsg));
 			if ((ra_iface_conf->autoprefix = malloc(sizeof(struct
 			    ra_prefix_conf))) == NULL)
 				fatal(NULL);
@@ -349,6 +359,11 @@ engine_dispatch_main(int fd, short event, void *bula)
 			    sizeof(struct ra_prefix_conf));
 			break;
 		case IMSG_RECONF_RA_PREFIX:
+			if (IMSG_DATA_SIZE(imsg) != sizeof(struct
+			    ra_prefix_conf))
+				fatalx("%s: IMSG_RECONF_RA_PREFIX wrong "
+				    "length: %lu", __func__,
+				    IMSG_DATA_SIZE(imsg));
 			if ((ra_prefix_conf = malloc(sizeof(struct
 			    ra_prefix_conf))) == NULL)
 				fatal(NULL);
@@ -358,6 +373,10 @@ engine_dispatch_main(int fd, short event, void *bula)
 			    ra_prefix_conf, entry);
 			break;
 		case IMSG_RECONF_RA_RDNSS:
+			if(IMSG_DATA_SIZE(imsg) != sizeof(struct
+			    ra_rdnss_conf))
+				fatalx("%s: IMSG_RECONF_RA_RDNSS wrong length: "
+				    "%lu", __func__, IMSG_DATA_SIZE(imsg));
 			if ((ra_rdnss_conf = malloc(sizeof(struct
 			    ra_rdnss_conf))) == NULL)
 				fatal(NULL);
@@ -367,6 +386,10 @@ engine_dispatch_main(int fd, short event, void *bula)
 			    ra_rdnss_conf, entry);
 			break;
 		case IMSG_RECONF_RA_DNSSL:
+			if(IMSG_DATA_SIZE(imsg) != sizeof(struct
+			    ra_dnssl_conf))
+				fatalx("%s: IMSG_RECONF_RA_DNSSL wrong length: "
+				    "%lu", __func__, IMSG_DATA_SIZE(imsg));
 			if ((ra_dnssl_conf = malloc(sizeof(struct
 			    ra_dnssl_conf))) == NULL)
 				fatal(NULL);
author	pamela <pamela@openbsd.org>	2019-03-12 18:47:57 +0000
committer	pamela <pamela@openbsd.org>	2019-03-12 18:47:57 +0000
commit	0eb5c43b439916044e5a701b69e40930f83c96ea (patch)
tree	4e63593ce0fbe0fdc7922ee602075a4309e869d2 /usr.sbin/rad/engine.c
parent	Fix HPA in origin mode. (diff)
download	wireguard-openbsd-0eb5c43b439916044e5a701b69e40930f83c96ea.tar.xz wireguard-openbsd-0eb5c43b439916044e5a701b69e40930f83c96ea.zip