Module Name: src Committed By: christos Date: Wed May 11 00:38:28 UTC 2011
Modified Files: src/usr.sbin/traceroute: ifaddrlist.c ifaddrlist.h Log Message: Don't use a static buffer for ifaddrs (and not check for overflowing it!) (speciallly if you are setuid!) To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/usr.sbin/traceroute/ifaddrlist.c cvs rdiff -u -r1.2 -r1.3 src/usr.sbin/traceroute/ifaddrlist.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/usr.sbin/traceroute/ifaddrlist.c diff -u src/usr.sbin/traceroute/ifaddrlist.c:1.8 src/usr.sbin/traceroute/ifaddrlist.c:1.9 --- src/usr.sbin/traceroute/ifaddrlist.c:1.8 Mon May 9 21:52:49 2011 +++ src/usr.sbin/traceroute/ifaddrlist.c Tue May 10 20:38:28 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: ifaddrlist.c,v 1.8 2011/05/10 01:52:49 christos Exp $ */ +/* $NetBSD: ifaddrlist.c,v 1.9 2011/05/11 00:38:28 christos Exp $ */ /* * Copyright (c) 1997 @@ -39,7 +39,7 @@ static const char rcsid[] = "@(#) Header: ifaddrlist.c,v 1.2 97/04/22 13:31:05 leres Exp (LBL)"; #else -__RCSID("$NetBSD: ifaddrlist.c,v 1.8 2011/05/10 01:52:49 christos Exp $"); +__RCSID("$NetBSD: ifaddrlist.c,v 1.9 2011/05/11 00:38:28 christos Exp $"); #endif #endif @@ -82,29 +82,23 @@ #define ISLOOPBACK(p) (strcmp((p)->ifa_name, "lo0") == 0) #endif -#define MAX_IPADDR 256 - /* * Return the interface list */ -int -ifaddrlist(struct ifaddrlist **ipaddrp, char *errbuf, int buflen) +ssize_t +ifaddrlist(struct ifaddrlist **ipaddrp, char *errbuf, size_t buflen) { - int nipaddr; struct sockaddr_in *sin; - struct ifaddrs *ifap, *ifa; - struct ifaddrlist *al; - static struct ifaddrlist xifaddrlist[MAX_IPADDR]; - - al = xifaddrlist; - nipaddr = 0; - - if (getifaddrs(&ifap) != 0) { - (void)snprintf(errbuf, buflen, "getifaddrs: %s", - strerror(errno)); - return (-1); - } - + struct ifaddrs *ifap = NULL, *ifa; + struct ifaddrlist *al = NULL, *nal; + size_t i = 0, maxal = 10; + + if (getifaddrs(&ifap) != 0) + goto out; + + if ((al = malloc(maxal * sizeof(*al))) == NULL) + goto out; + for (ifa = ifap; ifa; ifa = ifa->ifa_next) { if (ifa->ifa_addr->sa_family != AF_INET) continue; @@ -121,12 +115,31 @@ if (ntohl(sin->sin_addr.s_addr) == INADDR_LOOPBACK) continue; - al->addr = sin->sin_addr.s_addr; - al->device = strdup(ifa->ifa_name); - ++al; - ++nipaddr; + if (i == maxal) { + maxal <<= 1; + if ((nal = realloc(al, maxal * sizeof(*al))) == NULL) + goto out; + al = nal; + } + + al[i].addr = sin->sin_addr.s_addr; + if ((al[i].device = strdup(ifa->ifa_name)) == NULL) + goto out; + i++; } - *ipaddrp = xifaddrlist; + if ((nal = realloc(al, i * sizeof(*al))) == NULL) + goto out; freeifaddrs(ifap); - return (nipaddr); + *ipaddrp = nal; + return (ssize_t)i; +out: + if (ifap) + freeifaddrs(ifap); + if (al) { + while (i > 0) + free(al[--i].device); + free(al); + } + (void)snprintf(errbuf, buflen, "%s: %s", __func__, strerror(errno)); + return -1; } Index: src/usr.sbin/traceroute/ifaddrlist.h diff -u src/usr.sbin/traceroute/ifaddrlist.h:1.2 src/usr.sbin/traceroute/ifaddrlist.h:1.3 --- src/usr.sbin/traceroute/ifaddrlist.h:1.2 Sat Jul 4 16:47:24 1998 +++ src/usr.sbin/traceroute/ifaddrlist.h Tue May 10 20:38:28 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: ifaddrlist.h,v 1.2 1998/07/04 20:47:24 mrg Exp $ */ +/* $NetBSD: ifaddrlist.h,v 1.3 2011/05/11 00:38:28 christos Exp $ */ /* * Copyright (c) 1997 @@ -24,8 +24,8 @@ */ struct ifaddrlist { - u_int32_t addr; + uint32_t addr; char *device; }; -int ifaddrlist(struct ifaddrlist **, char *, int); +ssize_t ifaddrlist(struct ifaddrlist **, char *, size_t);