diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2002-05-23 10:22:15 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2002-05-23 10:22:15 +0000 |
commit | 7aeabb34dd6a631a9f0bb37e752a92540ddde9bd (patch) | |
tree | 196b2ea7af4144f31e0143b59af83fd1d3a7efcc /libexec | |
parent | 08177e7aa64a33423c7819180b751557a618760c (diff) |
KNF during an audit; found an improperly initialized sockaddr
Diffstat (limited to 'libexec')
-rw-r--r-- | libexec/ftp-proxy/Makefile | 4 | ||||
-rw-r--r-- | libexec/ftp-proxy/ftp-proxy.8 | 18 | ||||
-rw-r--r-- | libexec/ftp-proxy/ftp-proxy.c | 50 | ||||
-rw-r--r-- | libexec/ftp-proxy/getline.c | 82 | ||||
-rw-r--r-- | libexec/ftp-proxy/util.c | 10 | ||||
-rw-r--r-- | libexec/ftp-proxy/util.h | 39 |
6 files changed, 85 insertions, 118 deletions
diff --git a/libexec/ftp-proxy/Makefile b/libexec/ftp-proxy/Makefile index d03a20324cd..99a2b68d460 100644 --- a/libexec/ftp-proxy/Makefile +++ b/libexec/ftp-proxy/Makefile @@ -1,9 +1,9 @@ -# $OpenBSD: Makefile,v 1.1 2001/08/19 04:11:11 beck Exp $ +# $OpenBSD: Makefile,v 1.2 2002/05/23 10:22:14 deraadt Exp $ # @(#)Makefile 8.2 (Berkeley) 4/4/94 PROG= ftp-proxy CFLAGS+=-Wall -Werror -SRCS= ftp-proxy.c getline.c util.c +SRCS= ftp-proxy.c getline.c util.c MAN= ftp-proxy.8 .include <bsd.own.mk> diff --git a/libexec/ftp-proxy/ftp-proxy.8 b/libexec/ftp-proxy/ftp-proxy.8 index fe64845b5a0..5b7e7f60943 100644 --- a/libexec/ftp-proxy/ftp-proxy.8 +++ b/libexec/ftp-proxy/ftp-proxy.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ftp-proxy.8,v 1.16 2002/05/19 22:51:32 millert Exp $ +.\" $OpenBSD: ftp-proxy.8,v 1.17 2002/05/23 10:22:14 deraadt Exp $ .\" .\" Copyright (c) 1996-2001 .\" Obtuse Systems Corporation, All rights reserved. @@ -61,24 +61,24 @@ The proxy will allow connections to log in to other sites as the user "ftp" or "anonymous" only. Any attempt to log in as another user will be blocked by the proxy. .It Fl g Ar groupname -specify the named group to drop group privileges to, after doing pf lookups +Specify the named group to drop group privileges to, after doing pf lookups which require root. By default .Nm ftp-proxy uses the default group of the user it drops privilege to. .It Fl u Ar username -specify the named user to drop privilege to, after doing pf lookups +Specify the named user to drop privilege to, after doing pf lookups which require root privilege. By default .Nm ftp-proxy drops privilege to the user .Em proxy . -.Pp +.Pp Running as root means that the source of data connections the proxy makes for PORT and EPRT will be the RFC mandated port 20. When running as a non-root user the source of the data connections from .Nm ftp-proxy -will be chosen randomly from the range +will be chosen randomly from the range .Nm minport to .Nm maxport @@ -120,26 +120,26 @@ Use reverse host (reverse DNS) lookups for logging and libwrap use. By default the proxy does not look up hostnames for libwrap or logging purposes. .It Fl m Ar minport -specify the lower end of the port range the proxy will use for all +Specify the lower end of the port range the proxy will use for all data connections it establishes. The default is .Ev IPPORT_HIFIRSTAUTO defined in <netinet/in.h> as 49152. .It Fl M Ar maxport -specify the upper end of the port range the proxy will use for the +Specify the upper end of the port range the proxy will use for the data connections it establishes. The default is .Ev IPPORT_HILASTAUTO defined in <netinet/in.h> as 65535. .It Fl t Ar timeout -specifies a timeout, in seconds. +Specifies a timeout, in seconds. The proxy will exit and close open connections if it sees no data the duration of the timeout. The default is 0, which means the proxy will not time out. .It Fl D Ar debuglevel -specify a debug level, where the proxy emits verbose debug output +Specify a debug level, where the proxy emits verbose debug output into .Xr syslog 8 at level LOG_DEBUG. diff --git a/libexec/ftp-proxy/ftp-proxy.c b/libexec/ftp-proxy/ftp-proxy.c index 24840acde15..d9615693dc9 100644 --- a/libexec/ftp-proxy/ftp-proxy.c +++ b/libexec/ftp-proxy/ftp-proxy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ftp-proxy.c,v 1.20 2002/03/12 08:01:51 dhartmei Exp $ */ +/* $OpenBSD: ftp-proxy.c,v 1.21 2002/05/23 10:22:14 deraadt Exp $ */ /* * Copyright (c) 1996-2001 @@ -170,7 +170,6 @@ usage() exit(EX_USAGE); } - static void close_client_data() { @@ -181,7 +180,6 @@ close_client_data() } } - static void close_server_data() { @@ -192,7 +190,6 @@ close_server_data() } } - static void drop_privs() { @@ -255,17 +252,15 @@ check_host(struct sockaddr_in *client_sin, struct sockaddr_in *server_sin) * the tcp wrapper cares about these things, and we don't * want to pass in a printed address as a name. */ - i = getnameinfo( - (struct sockaddr *) &client_sin->sin_addr, - sizeof(&client_sin->sin_addr), cname, - sizeof(cname), NULL, 0, NI_NAMEREQD); + i = getnameinfo((struct sockaddr *) &client_sin->sin_addr, + sizeof(&client_sin->sin_addr), cname, sizeof(cname), + NULL, 0, NI_NAMEREQD); if (i == -1) strlcpy(cname, STRING_UNKNOWN, sizeof(cname)); - i = getnameinfo( - (struct sockaddr *)&server_sin->sin_addr, - sizeof(&server_sin->sin_addr), sname, - sizeof(sname), NULL, 0, NI_NAMEREQD); + i = getnameinfo((struct sockaddr *)&server_sin->sin_addr, + sizeof(&server_sin->sin_addr), sname, sizeof(sname), + NULL, 0, NI_NAMEREQD); if (i == -1) strlcpy(sname, STRING_UNKNOWN, sizeof(sname)); } else { @@ -425,7 +420,7 @@ new_dataconn(int server) close_server_data(); if (server) { - bzero (&server_listen_sa, sizeof(server_listen_sa)); + bzero(&server_listen_sa, sizeof(server_listen_sa)); server_listen_socket = get_backchannel_socket(SOCK_STREAM, min_port, max_port, -1, 1, &server_listen_sa); @@ -456,8 +451,6 @@ new_dataconn(int server) return(0); } - - static void connect_pasv_backchannel() { @@ -468,7 +461,6 @@ connect_pasv_backchannel() * We are about to accept a connection from the client. * This is a PASV data connection. */ - debuglog(2, "client listen socket ready\n"); close_server_data(); @@ -502,8 +494,6 @@ connect_pasv_backchannel() xfer_start_time = wallclock_time(); } - - static void connect_port_backchannel() { @@ -514,7 +504,6 @@ connect_port_backchannel() * We are about to accept a connection from the server. * This is a PORT or EPRT data connection. */ - debuglog(2, "server listen socket ready\n"); close_server_data(); @@ -582,7 +571,6 @@ connect_port_backchannel() xfer_start_time = wallclock_time(); } - void do_client_cmd(struct csiob *client, struct csiob *server) { @@ -779,14 +767,14 @@ out: exit(EX_DATAERR); } - for (i = 0; i<6; i++) + for (i = 0; i<6; i++) { if (values[i] > 255) { syslog(LOG_INFO, "malformed PORT command (%s)", client->line_buffer); exit(EX_DATAERR); } - + } client_listen_sa.sin_family = AF_INET; client_listen_sa.sin_addr.s_addr = htonl((values[0] << 24) | @@ -810,12 +798,12 @@ out: ntohs(server_listen_sa.sin_port)); snprintf(tbuf, sizeof(tbuf), "PORT %u,%u,%u,%u,%u,%u\r\n", - ((u_char *)&server->sa.sin_addr.s_addr)[0], - ((u_char *)&server->sa.sin_addr.s_addr)[1], - ((u_char *)&server->sa.sin_addr.s_addr)[2], - ((u_char *)&server->sa.sin_addr.s_addr)[3], - ((u_char *)&server_listen_sa.sin_port)[0], - ((u_char *)&server_listen_sa.sin_port)[1]); + ((u_char *)&server->sa.sin_addr.s_addr)[0], + ((u_char *)&server->sa.sin_addr.s_addr)[1], + ((u_char *)&server->sa.sin_addr.s_addr)[2], + ((u_char *)&server->sa.sin_addr.s_addr)[3], + ((u_char *)&server_listen_sa.sin_port)[0], + ((u_char *)&server_listen_sa.sin_port)[1]); debuglog(1, "to server(modified): %s", tbuf); @@ -878,8 +866,8 @@ do_server_reply(struct csiob *server, struct csiob *client) } if (*p == '-') continuing = 1; - else - continuing = 0; + else + continuing = 0; if (code == 227 && !NatMode) { unsigned int values[6]; u_char *tailptr; @@ -896,7 +884,7 @@ do_server_reply(struct csiob *server, struct csiob *client) exit(EX_DATAERR); } } - tailptr++; /* skip past space or ( */ + tailptr++; /* skip past space or ( */ byte_number = 0; values[0] = 0; diff --git a/libexec/ftp-proxy/getline.c b/libexec/ftp-proxy/getline.c index f01bbd02c4a..01f55772069 100644 --- a/libexec/ftp-proxy/getline.c +++ b/libexec/ftp-proxy/getline.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getline.c,v 1.7 2001/12/07 18:45:32 mpech Exp $ */ +/* $OpenBSD: getline.c,v 1.8 2002/05/23 10:22:14 deraadt Exp $ */ /* * Copyright (c) 1985, 1988 Regents of the University of California. @@ -62,14 +62,13 @@ int refill_buffer(struct csiob *iobp) { int rqlen, rlen; - - if (!(iobp->data_available)) + + if (!(iobp->data_available)) return(0); - - + if (iobp->got_eof) return(0); - + /* * The buffer has been entirely consumed if next_byte == io_buffer_len. * Otherwise, there is some still-to-be-used data in io_buffer. @@ -79,13 +78,10 @@ refill_buffer(struct csiob *iobp) * overlap (memcpy isn't defined to work properly with overlapping * regions). */ - if (iobp->next_byte < iobp->io_buffer_len) { - int dst_ix, src_ix; - int amount; - dst_ix = 0; - src_ix = iobp->next_byte; - amount = iobp->io_buffer_len - iobp->next_byte; + int dst_ix = 0; + int src_ix = iobp->next_byte; + int amount = iobp->io_buffer_len - iobp->next_byte; bcopy(&iobp->io_buffer[src_ix], &iobp->io_buffer[dst_ix], amount); @@ -97,13 +93,13 @@ refill_buffer(struct csiob *iobp) iobp->next_byte, iobp->io_buffer_len); exit(EX_OSERR); } - + iobp->next_byte = 0; - + /* don't do tiny reads, grow first if we need to */ rqlen = iobp->io_buffer_size - iobp->io_buffer_len; if (rqlen <= 128) { - char * tmp; + char *tmp; iobp->io_buffer_size += 128; tmp = realloc(iobp->io_buffer, iobp->io_buffer_size); @@ -111,10 +107,10 @@ refill_buffer(struct csiob *iobp) syslog(LOG_INFO, "Insufficient memory"); exit(EX_UNAVAILABLE); } - iobp->io_buffer = tmp; + iobp->io_buffer = tmp; rqlen = iobp->io_buffer_size - iobp->io_buffer_len; } - + /* * Always leave an unused byte at the end of the buffer * because the debug output uses that byte from time to time @@ -126,7 +122,6 @@ refill_buffer(struct csiob *iobp) rlen = read(iobp->fd, &iobp->io_buffer[iobp->io_buffer_len], rqlen); iobp->data_available = 0; switch (rlen) { - case -1: if (errno == EAGAIN || errno == EINTR) goto doread; @@ -136,15 +131,13 @@ refill_buffer(struct csiob *iobp) exit(EX_DATAERR); } /* fall through to EOF case */ - case 0: iobp->got_eof = 1; return(0); break; - default: iobp->io_buffer_len += rlen; - + break; } return(1); } @@ -163,38 +156,34 @@ telnet_getline(struct csiob *iobp, struct csiob *telnet_passthrough) unsigned char ch; int ix; char tbuf[100]; - + iobp->line_buffer[0] = '\0'; - + /* * If the buffer is empty then refill it right away. */ - if (iobp->next_byte == iobp->io_buffer_len) if (!refill_buffer(iobp)) return(0); - + /* * Is there a telnet command in the buffer? */ - ch = iobp->io_buffer[iobp->next_byte]; if (ch == IAC) { - /* * Yes - buffer must have at least three bytes in it */ - if (iobp->io_buffer_len - iobp->next_byte < 3) { if (!refill_buffer(iobp)) return(0); if (iobp->io_buffer_len - iobp->next_byte < 3) return(0); } - + iobp->next_byte++; ch = iobp->io_buffer[iobp->next_byte++]; - + switch (ch) { case WILL: case WONT: @@ -203,26 +192,22 @@ telnet_getline(struct csiob *iobp, struct csiob *telnet_passthrough) tbuf[0] = IAC; tbuf[1] = ch; tbuf[2] = iobp->io_buffer[iobp->next_byte++]; - (void)send(telnet_passthrough->fd,tbuf,3, + (void)send(telnet_passthrough->fd, tbuf, 3, telnet_passthrough->send_oob_flags); break; - case IAC: break; - default: break; } return(1); - } else { int clen; - + /* * Is there a newline in the buffer? */ - - for (ix = iobp->next_byte; ix < iobp->io_buffer_len; + for (ix = iobp->next_byte; ix < iobp->io_buffer_len; ix += 1) { if (iobp->io_buffer[ix] == '\n') break; @@ -232,19 +217,18 @@ telnet_getline(struct csiob *iobp, struct csiob *telnet_passthrough) iobp->who); exit(EX_DATAERR); } - } - + if (ix == iobp->io_buffer_len) { if (!refill_buffer(iobp)) return(0); - /* - * Empty line returned + /* + * Empty line returned * will try again soon! */ - return(1); + return(1); } - + /* * Expand the line buffer if it isn't big enough. We * use a fudge factor of 5 rather than trying to @@ -252,14 +236,13 @@ telnet_getline(struct csiob *iobp, struct csiob *telnet_passthrough) * such. The correct fudge factor is 0, 1 or 2 but * anything higher also works. We also grow it by a * bunch to avoid having to do this often. Yes this is - * nasty. + * nasty. */ - if (ix - iobp->next_byte > iobp->line_buffer_size - 5) { - char * tmp; + char *tmp; iobp->line_buffer_size = 256 + ix - iobp->next_byte; - tmp = realloc(iobp->line_buffer, + tmp = realloc(iobp->line_buffer, iobp->line_buffer_size); if (tmp == NULL) { syslog(LOG_INFO, "Insufficient memory"); @@ -267,7 +250,7 @@ telnet_getline(struct csiob *iobp, struct csiob *telnet_passthrough) } iobp->line_buffer = tmp; } - + /* +1 is for the newline */ clen = (ix+1) - iobp->next_byte; while (clen > 0 && isspace(iobp->io_buffer[iobp->next_byte])) { @@ -278,9 +261,6 @@ telnet_getline(struct csiob *iobp, struct csiob *telnet_passthrough) clen); iobp->next_byte += clen; iobp->line_buffer[clen] = '\0'; - return(1); - } - } diff --git a/libexec/ftp-proxy/util.c b/libexec/ftp-proxy/util.c index 86b18da0fa5..39964b468fa 100644 --- a/libexec/ftp-proxy/util.c +++ b/libexec/ftp-proxy/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.7 2002/02/15 12:40:59 mpech Exp $ */ +/* $OpenBSD: util.c,v 1.8 2002/05/23 10:22:14 deraadt Exp $ */ /* * Copyright (c) 1996-2001 @@ -142,7 +142,6 @@ get_proxy_env(int connected_fd, struct sockaddr_in *real_server_sa_ptr, * Transfer one unit of data across a pair of sockets * * A unit of data is as much as we get with a single read(2) call. - * */ int xfer_data(const char *what_read,int from_fd, int to_fd, struct in_addr from, @@ -169,7 +168,7 @@ snarf: if (rlen == -1 && flags == MSG_OOB && errno == EINVAL) { /* OOB didn't work */ flags = 0; - rlen = recv(from_fd,tbuf,sizeof(tbuf), flags); + rlen = recv(from_fd, tbuf, sizeof(tbuf), flags); } if (rlen == 0) { debuglog(3, "xfer_data - eof on read socket"); @@ -236,7 +235,7 @@ get_backchannel_socket(int type, int min_port, int max_port, int start_port, count = 1 + max_port - min_port; /* - * pick a port we can bind to from within the range we want. + * Pick a port we can bind to from within the range we want. * If the caller specifies -1 as the starting port number then * we pick one somewhere in the range to try. * This is an optimization intended to speedup port selection and @@ -251,11 +250,12 @@ get_backchannel_socket(int type, int min_port, int max_port, int start_port, } while (count-- > 0) { - int one, fd; struct sockaddr_in sa; + int one, fd; fd = socket(AF_INET, type, 0); + bzero(&sa, sizeof sa); sa.sin_family = AF_INET; if (sap == NULL) sa.sin_addr.s_addr = INADDR_ANY; diff --git a/libexec/ftp-proxy/util.h b/libexec/ftp-proxy/util.h index c7262d175cd..597cd18d33b 100644 --- a/libexec/ftp-proxy/util.h +++ b/libexec/ftp-proxy/util.h @@ -1,4 +1,4 @@ -/* $OpenBSD: util.h,v 1.2 2001/08/28 19:35:04 deraadt Exp $ */ +/* $OpenBSD: util.h,v 1.3 2002/05/23 10:22:14 deraadt Exp $ */ /* * Copyright (c) 1996-2001 @@ -20,36 +20,35 @@ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL OBTUSE SYSTEMS CORPORATION OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * */ struct proxy_channel { - int pc_to_fd, pc_from_fd; - int pc_alive; - int pc_nextbyte; - int pc_flags; - int pc_length; - int pc_size; - struct sockaddr_in pc_from_sa, pc_to_sa; - int (*pc_filter)( void ** databuf, int datalen); - char *pc_buffer; + int pc_to_fd, pc_from_fd; + int pc_alive; + int pc_nextbyte; + int pc_flags; + int pc_length; + int pc_size; + struct sockaddr_in pc_from_sa, pc_to_sa; + int (*pc_filter)( void ** databuf, int datalen); + char *pc_buffer; }; struct csiob { - int fd; - int line_buffer_size, io_buffer_size, io_buffer_len, next_byte; - unsigned char *io_buffer, *line_buffer; - struct sockaddr_in sa, real_sa; - char *who; - char alive, got_eof, data_available; - int send_oob_flags; + int fd; + int line_buffer_size, io_buffer_size, io_buffer_len, next_byte; + unsigned char *io_buffer, *line_buffer; + struct sockaddr_in sa, real_sa; + char *who; + char alive, got_eof, data_available; + int send_oob_flags; }; extern int telnet_getline(struct csiob *iobp, |