diff options
| author | David Gwynne <dlg@cvs.openbsd.org> | 2011-01-28 06:43:01 +0000 |
|---|---|---|
| committer | David Gwynne <dlg@cvs.openbsd.org> | 2011-01-28 06:43:01 +0000 |
| commit | eeb39c18bc4d324f8dd9644a550ee35e8d39be24 (patch) | |
| tree | 1bd6b4d8a8f059586e4d007fadc734982c9c9d5b /sys | |
| parent | fbd77052fef1724d7bf94cc2489cf943d5546638 (diff) | |
make sure that the size of the addresses userland is trying to configure
make sense, not just the family.
from jonathan matthew
ok yasuoka@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/if_pppx.c | 21 | ||||
| -rw-r--r-- | sys/net/pipex.c | 15 |
2 files changed, 28 insertions, 8 deletions
diff --git a/sys/net/if_pppx.c b/sys/net/if_pppx.c index 73c3ca1c87a..e58eb2a9fd4 100644 --- a/sys/net/if_pppx.c +++ b/sys/net/if_pppx.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pppx.c,v 1.3 2010/11/24 00:56:08 sthen Exp $ */ +/* $OpenBSD: if_pppx.c,v 1.4 2011/01/28 06:43:00 dlg Exp $ */ /* * Copyright (c) 2010 Claudio Jeker <claudio@openbsd.org> @@ -675,16 +675,23 @@ pppx_add_session(struct pppx_dev *pxd, struct pipex_session_req *req) #endif switch (req->peer_address.ss_family) { case AF_INET: + if (req->peer_address.ss_len != sizeof(struct sockaddr_in)) + return (EINVAL); + break; #ifdef INET6 case AF_INET6: -#endif - if (req->peer_address.ss_family != - req->local_address.ss_family) + if (req->peer_address.ss_len != sizeof(struct sockaddr_in6)) return (EINVAL); break; +#endif default: return (EPROTONOSUPPORT); } + if (req->peer_address.ss_family != + req->local_address.ss_family || + req->peer_address.ss_len != + req->local_address.ss_len) + return (EINVAL); break; default: return (EPROTONOSUPPORT); @@ -727,6 +734,12 @@ pppx_add_session(struct pppx_dev *pxd, struct pipex_session_req *req) session->ip_address.sin_addr.s_addr &= session->ip_netmask.sin_addr.s_addr; + if (req->peer_address.ss_len > 0) + memcpy(&session->peer, &req->peer_address, + MIN(req->peer_address.ss_len, sizeof(session->peer))); + if (req->local_address.ss_len > 0) + memcpy(&session->local, &req->local_address, + MIN(req->local_address.ss_len, sizeof(session->local))); #ifdef PIPEX_PPPOE if (req->pr_protocol == PIPEX_PROTO_PPPOE) session->proto.pppoe.over_ifp = over_ifp; diff --git a/sys/net/pipex.c b/sys/net/pipex.c index 75671b14fc8..a1a79535dc0 100644 --- a/sys/net/pipex.c +++ b/sys/net/pipex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pipex.c,v 1.13 2010/09/29 22:15:54 yasuoka Exp $ */ +/* $OpenBSD: pipex.c,v 1.14 2011/01/28 06:43:00 dlg Exp $ */ /*- * Copyright (c) 2009 Internet Initiative Japan Inc. @@ -288,16 +288,23 @@ pipex_add_session(struct pipex_session_req *req, #endif switch (req->peer_address.ss_family) { case AF_INET: + if (req->peer_address.ss_len != sizeof(struct sockaddr_in)) + return (EINVAL); + break; #ifdef INET6 case AF_INET6: -#endif - if (req->peer_address.ss_family != - req->local_address.ss_family) + if (req->peer_address.ss_len != sizeof(struct sockaddr_in6)) return (EINVAL); break; +#endif default: return (EPROTONOSUPPORT); } + if (req->peer_address.ss_family != + req->local_address.ss_family || + req->peer_address.ss_len != + req->local_address.ss_len) + return (EINVAL); break; #endif default: |