diff options
author | millert <millert@openbsd.org> | 2020-05-21 15:38:05 +0000 |
---|---|---|
committer | millert <millert@openbsd.org> | 2020-05-21 15:38:05 +0000 |
commit | 671d2f920b9aa580c11189e74a65aca8ed8c1b49 (patch) | |
tree | 4b1194475079db00047b3b69faae863ccb79dcfe /usr.sbin/smtpd | |
parent | Fix stripcom() description wrt. comments not on their own line (diff) | |
download | wireguard-openbsd-671d2f920b9aa580c11189e74a65aca8ed8c1b49.tar.xz wireguard-openbsd-671d2f920b9aa580c11189e74a65aca8ed8c1b49.zip |
Correct getsockname(2)/getpeername(2) usage.
Fixes an uninitialized variable and a potential stack overflow
with IPv6 connections. From Leah Neukirchen; OK eric@ deraadt@
Diffstat (limited to 'usr.sbin/smtpd')
-rw-r--r-- | usr.sbin/smtpd/mta_session.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/usr.sbin/smtpd/mta_session.c b/usr.sbin/smtpd/mta_session.c index fa7c7e1ce0d..d384692a0e4 100644 --- a/usr.sbin/smtpd/mta_session.c +++ b/usr.sbin/smtpd/mta_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mta_session.c,v 1.135 2020/04/24 11:34:07 eric Exp $ */ +/* $OpenBSD: mta_session.c,v 1.136 2020/05/21 15:38:05 millert Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -1809,21 +1809,25 @@ mta_filter_end(struct mta_session *s) static void mta_connected(struct mta_session *s) { - struct sockaddr sa_src; - struct sockaddr sa_dest; + struct sockaddr_storage sa_src; + struct sockaddr_storage sa_dest; int sa_len; log_info("%016"PRIx64" mta connected", s->id); - if (getsockname(io_fileno(s->io), &sa_src, &sa_len) == -1) + sa_len = sizeof sa_src; + if (getsockname(io_fileno(s->io), + (struct sockaddr *)&sa_src, &sa_len) == -1) bzero(&sa_src, sizeof sa_src); - if (getpeername(io_fileno(s->io), &sa_dest, &sa_len) == -1) + sa_len = sizeof sa_dest; + if (getpeername(io_fileno(s->io), + (struct sockaddr *)&sa_dest, &sa_len) == -1) bzero(&sa_dest, sizeof sa_dest); mta_report_link_connect(s, s->route->dst->ptrname, 1, - (struct sockaddr_storage *)&sa_src, - (struct sockaddr_storage *)&sa_dest); + &sa_src, + &sa_dest); } static void |