Author: markj
Date: Wed Feb 5 16:09:44 2020
New Revision: 357575
URL: https://svnweb.freebsd.org/changeset/base/357575
Log: Improve validation of the sockaddr length in iruserok_sa(). Negative numbers are not valid sockaddr lengths. PR: 243747 Submitted by: Andrew Reiter <arei...@veracode.com> MFC after: 1 week Modified: head/lib/libc/net/rcmd.c Modified: head/lib/libc/net/rcmd.c ============================================================================== --- head/lib/libc/net/rcmd.c Wed Feb 5 16:09:21 2020 (r357574) +++ head/lib/libc/net/rcmd.c Wed Feb 5 16:09:44 2020 (r357575) @@ -438,8 +438,8 @@ iruserok_sa(const void *ra, int rlen, int superuser, c struct sockaddr_storage ss; /* avoid alignment issue */ - if (rlen > sizeof(ss)) - return(-1); + if (rlen <= 0 || rlen > sizeof(ss)) + return (-1); memcpy(&ss, ra, rlen); raddr = (struct sockaddr *)&ss; _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
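Review bot: The new lower bound in `if (rlen <= 0 || rlen > sizeof(ss))` still admits lengths too short to describe a socket address: with `rlen` of 1, `memcpy(&ss, ra, rlen)` fills a single byte of `ss`, which is declared without an initializer, and `raddr` then points at a structure whose remaining bytes are indeterminate. Consider enforcing a minimum that covers the fields read afterwards, or zeroing `ss` before the copy. Separately, `rlen > sizeof(ss)` compares an `int` against a `size_t`; now that the sign is tested first, writing `(size_t)rlen > sizeof(ss)` would make the conversion explicit rather than implicit. The log message mentions only negative lengths, while the condition also rejects zero; the message or a short comment above the check should say so.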