diff options
author | Brad Smith <brad@cvs.openbsd.org> | 2004-08-24 20:31:17 +0000 |
---|---|---|
committer | Brad Smith <brad@cvs.openbsd.org> | 2004-08-24 20:31:17 +0000 |
commit | 1eb33890a7a16ab1c66802f4b5a564bbea85dd4c (patch) | |
tree | 6eab504c76c3eb3a8464bc0cb0cd209a9ed48344 | |
parent | 1226f7235392c5d3783f7fcad964922caf72817a (diff) |
Don't allow SIOCGET{VIF,SG}CNT from sockets other than the multicast router.
From NetBSD
Fixes PR 3825
ok mcbride@ canacar@ claudio@
-rw-r--r-- | sys/netinet/in.c | 4 | ||||
-rw-r--r-- | sys/netinet/ip_mroute.c | 28 | ||||
-rw-r--r-- | sys/netinet/ip_mroute.h | 4 |
3 files changed, 20 insertions, 16 deletions
diff --git a/sys/netinet/in.c b/sys/netinet/in.c index d16fe204290..3c6310af2a1 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in.c,v 1.36 2004/06/21 23:48:09 mcbride Exp $ */ +/* $OpenBSD: in.c,v 1.37 2004/08/24 20:31:16 brad Exp $ */ /* $NetBSD: in.c,v 1.26 1996/02/13 23:41:39 christos Exp $ */ /* @@ -452,7 +452,7 @@ cleanup: #ifdef MROUTING case SIOCGETVIFCNT: case SIOCGETSGCNT: - return (mrt_ioctl(cmd, data)); + return (mrt_ioctl(so, cmd, data)); #endif /* MROUTING */ default: diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c index 95d8d539f74..3dbd4fd170b 100644 --- a/sys/netinet/ip_mroute.c +++ b/sys/netinet/ip_mroute.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_mroute.c,v 1.36 2004/01/06 17:28:32 markus Exp $ */ +/* $OpenBSD: ip_mroute.c,v 1.37 2004/08/24 20:31:16 brad Exp $ */ /* $NetBSD: ip_mroute.c,v 1.27 1996/05/07 02:40:50 thorpej Exp $ */ /* @@ -353,23 +353,27 @@ ip_mrouter_get(cmd, so, m) * Handle ioctl commands to obtain information from the cache */ int -mrt_ioctl(cmd, data) +mrt_ioctl(so, cmd, data) + struct socket *so; u_long cmd; caddr_t data; { int error; - switch (cmd) { - case SIOCGETVIFCNT: - error = get_vif_cnt((struct sioc_vif_req *)data); - break; - case SIOCGETSGCNT: - error = get_sg_cnt((struct sioc_sg_req *)data); - break; - default: + if (so != ip_mrouter) error = EINVAL; - break; - } + else + switch (cmd) { + case SIOCGETVIFCNT: + error = get_vif_cnt((struct sioc_vif_req *)data); + break; + case SIOCGETSGCNT: + error = get_sg_cnt((struct sioc_sg_req *)data); + break; + default: + error = EINVAL; + break; + } return (error); } diff --git a/sys/netinet/ip_mroute.h b/sys/netinet/ip_mroute.h index 4e834b005bc..72ce308085c 100644 --- a/sys/netinet/ip_mroute.h +++ b/sys/netinet/ip_mroute.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_mroute.h,v 1.9 2002/06/09 16:26:10 itojun Exp $ */ +/* $OpenBSD: ip_mroute.h,v 1.10 2004/08/24 20:31:16 brad Exp $ */ /* $NetBSD: ip_mroute.h,v 1.10 1996/02/13 23:42:55 christos Exp $ */ #ifndef _NETINET_IP_MROUTE_H_ @@ -215,7 +215,7 @@ struct pkt_queue { int ip_mrouter_set(int, struct socket *, struct mbuf **); int ip_mrouter_get(int, struct socket *, struct mbuf **); -int mrt_ioctl(u_long, caddr_t); +int mrt_ioctl(struct socket *, u_long, caddr_t); int ip_mrouter_done(void); void reset_vif(struct vif *); void vif_delete(struct ifnet *); |