src - OpenBSD base system

diff options


context:
space:
mode:

author	pamela <pamela@cvs.openbsd.org>	2019-03-12 18:47:58 +0000
committer	pamela <pamela@cvs.openbsd.org>	2019-03-12 18:47:58 +0000
commit	31892956ffdaf776108d3b1a20b704ebf766d25a (patch)
tree	e76075b1e2c6ca453b20c35149019f6bed3bb08d /usr.sbin
parent	ee5f2ed6e7c147ac8d35a1d7828e489c7b699960 (diff)

In the manner of recent changes to unwind(8) and slaacd(8), make imsg

processing more paranoid. Call fatalx() for imsg size mismatches or unexpected/missing imsg fd. OK florian@

Diffstat (limited to 'usr.sbin')

-rw-r--r--

usr.sbin/rad/engine.c

-rw-r--r--

usr.sbin/rad/frontend.c

-rw-r--r--

usr.sbin/rad/rad.c

3 files changed, 68 insertions, 22 deletions

diff --git a/usr.sbin/rad/engine.c b/usr.sbin/rad/engine.c
index 9553f1e8d73..4e6089713ef 100644
--- a/usr.sbin/rad/engine.c
+++ b/usr.sbin/rad/engine.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: engine.c,v 1.12 2019/03/11 16:03:20 pamela Exp $ */

+/* $OpenBSD: engine.c,v 1.13 2019/03/12 18:47:57 pamela Exp $ */

@@ -232,7 +232,9 @@ engine_dispatch_frontend(int fd, short event, void *bula)

remove_iface(if_index);

break;

case IMSG_CTL_LOG_VERBOSE:

- /* Already checked by frontend. */

+ if (IMSG_DATA_SIZE(imsg) != sizeof(verbose))

+ fatalx("%s: IMSG_CTL_LOG_VERBOSE wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

memcpy(&verbose, imsg.data, sizeof(verbose));

log_setverbose(verbose);

break;

@@ -294,16 +296,13 @@ engine_dispatch_main(int fd, short event, void *bula)

* Setup pipe and event handler to the frontend

* process.

- if (iev_frontend) {

- log_warnx("%s: received unexpected imsg fd "

+ if (iev_frontend)

+ fatalx("%s: received unexpected imsg fd "

"to engine", __func__);

- break;

- }

- if ((fd = imsg.fd) == -1) {

- log_warnx("%s: expected to receive imsg fd to "

+ if ((fd = imsg.fd) == -1)

+ fatalx("%s: expected to receive imsg fd to "

"engine but didn't receive any", __func__);

- break;

- }

iev_frontend = malloc(sizeof(struct imsgev));

if (iev_frontend == NULL)

@@ -319,6 +318,8 @@ engine_dispatch_main(int fd, short event, void *bula)

event_add(&iev_frontend->ev, NULL);

break;

case IMSG_RECONF_CONF:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct rad_conf))

+ fatalx("%s: IMSG_RECONF_CONF wrong length: %lu", __func__, IMSG_DATA_SIZE(imsg));

if ((nconf = malloc(sizeof(struct rad_conf))) == NULL)

fatal(NULL);

memcpy(nconf, imsg.data, sizeof(struct rad_conf));

@@ -328,6 +329,10 @@ engine_dispatch_main(int fd, short event, void *bula)

ra_options = &nconf->ra_options;

break;

case IMSG_RECONF_RA_IFACE:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_iface_conf))

+ fatalx("%s: IMSG_RECONF_RA_IFACE wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

if ((ra_iface_conf = malloc(sizeof(struct

ra_iface_conf))) == NULL)

fatal(NULL);

@@ -342,6 +347,11 @@ engine_dispatch_main(int fd, short event, void *bula)

ra_options = &ra_iface_conf->ra_options;

break;

case IMSG_RECONF_RA_AUTOPREFIX:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_prefix_conf))

+ fatalx("%s: IMSG_RECONF_RA_AUTOPREFIX wrong "

+ "length: %lu", __func__,

+ IMSG_DATA_SIZE(imsg));

if ((ra_iface_conf->autoprefix = malloc(sizeof(struct

ra_prefix_conf))) == NULL)

fatal(NULL);

@@ -349,6 +359,11 @@ engine_dispatch_main(int fd, short event, void *bula)

sizeof(struct ra_prefix_conf));

break;

case IMSG_RECONF_RA_PREFIX:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_prefix_conf))

+ fatalx("%s: IMSG_RECONF_RA_PREFIX wrong "

+ "length: %lu", __func__,

+ IMSG_DATA_SIZE(imsg));

if ((ra_prefix_conf = malloc(sizeof(struct

ra_prefix_conf))) == NULL)

fatal(NULL);

@@ -358,6 +373,10 @@ engine_dispatch_main(int fd, short event, void *bula)

ra_prefix_conf, entry);

break;

case IMSG_RECONF_RA_RDNSS:

+ if(IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_rdnss_conf))

+ fatalx("%s: IMSG_RECONF_RA_RDNSS wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

if ((ra_rdnss_conf = malloc(sizeof(struct

ra_rdnss_conf))) == NULL)

fatal(NULL);

@@ -367,6 +386,10 @@ engine_dispatch_main(int fd, short event, void *bula)

ra_rdnss_conf, entry);

break;

case IMSG_RECONF_RA_DNSSL:

+ if(IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_dnssl_conf))

+ fatalx("%s: IMSG_RECONF_RA_DNSSL wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

if ((ra_dnssl_conf = malloc(sizeof(struct

ra_dnssl_conf))) == NULL)

fatal(NULL);

diff --git a/usr.sbin/rad/frontend.c b/usr.sbin/rad/frontend.c
index 33a1d074cd9..fc2cca0b6b6 100644
--- a/usr.sbin/rad/frontend.c
+++ b/usr.sbin/rad/frontend.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: frontend.c,v 1.23 2019/03/11 16:03:20 pamela Exp $ */

+/* $OpenBSD: frontend.c,v 1.24 2019/03/12 18:47:57 pamela Exp $ */

@@ -341,17 +341,13 @@ frontend_dispatch_main(int fd, short event, void *bula)

* Setup pipe and event handler to the engine

* process.

- if (iev_engine) {

- log_warnx("%s: received unexpected imsg fd "

- "to frontend", __func__);

- break;

- }

- if ((fd = imsg.fd) == -1) {

- log_warnx("%s: expected to receive imsg fd to "

+ if (iev_engine)

+ fatalx("%s: received unexpected imsg fd to "

+ "frontend", __func__);

+ if ((fd = imsg.fd) == -1)

+ fatalx("%s: expected to receive imsg fd to "

"frontend but didn't receive any",

__func__);

- break;

- }

iev_engine = malloc(sizeof(struct imsgev));

if (iev_engine == NULL)

@@ -366,6 +362,9 @@ frontend_dispatch_main(int fd, short event, void *bula)

event_add(&iev_engine->ev, NULL);

break;

case IMSG_RECONF_CONF:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct rad_conf))

+ fatalx("%s: IMSG_RECONF_CONF wrong length: %lu",

+ __func__, IMSG_DATA_SIZE(imsg));

if ((nconf = malloc(sizeof(struct rad_conf))) ==

NULL)

fatal(NULL);

@@ -376,6 +375,10 @@ frontend_dispatch_main(int fd, short event, void *bula)

ra_options = &nconf->ra_options;

break;

case IMSG_RECONF_RA_IFACE:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_iface_conf))

+ fatalx("%s: IMSG_RECONF_RA_IFACE wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

if ((ra_iface_conf = malloc(sizeof(struct

ra_iface_conf))) == NULL)

fatal(NULL);

@@ -390,6 +393,11 @@ frontend_dispatch_main(int fd, short event, void *bula)

ra_options = &ra_iface_conf->ra_options;

break;

case IMSG_RECONF_RA_AUTOPREFIX:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_prefix_conf))

+ fatalx("%s: IMSG_RECONF_RA_AUTOPREFIX wrong "

+ "length: %lu", __func__,

+ IMSG_DATA_SIZE(imsg));

if ((ra_iface_conf->autoprefix = malloc(sizeof(struct

ra_prefix_conf))) == NULL)

fatal(NULL);

@@ -397,6 +405,11 @@ frontend_dispatch_main(int fd, short event, void *bula)

sizeof(struct ra_prefix_conf));

break;

case IMSG_RECONF_RA_PREFIX:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_prefix_conf))

+ fatalx("%s: IMSG_RECONF_RA_PREFIX wrong "

+ "length: %lu", __func__,

+ IMSG_DATA_SIZE(imsg));

if ((ra_prefix_conf = malloc(sizeof(struct

ra_prefix_conf))) == NULL)

fatal(NULL);

@@ -406,6 +419,10 @@ frontend_dispatch_main(int fd, short event, void *bula)

ra_prefix_conf, entry);

break;

case IMSG_RECONF_RA_RDNSS:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_rdnss_conf))

+ fatalx("%s: IMSG_RECONF_RA_RDNSS wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

if ((ra_rdnss_conf = malloc(sizeof(struct

ra_rdnss_conf))) == NULL)

fatal(NULL);

@@ -415,6 +432,10 @@ frontend_dispatch_main(int fd, short event, void *bula)

ra_rdnss_conf, entry);

break;

case IMSG_RECONF_RA_DNSSL:

+ if (IMSG_DATA_SIZE(imsg) != sizeof(struct

+ ra_dnssl_conf))

+ fatalx("%s: IMSG_RECONF_RA_DNSSL wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

if ((ra_dnssl_conf = malloc(sizeof(struct

ra_dnssl_conf))) == NULL)

fatal(NULL);

diff --git a/usr.sbin/rad/rad.c b/usr.sbin/rad/rad.c
index 650a260ddd5..d6e139a612f 100644
--- a/usr.sbin/rad/rad.c
+++ b/usr.sbin/rad/rad.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: rad.c,v 1.18 2019/01/29 15:43:33 florian Exp $ */

+/* $OpenBSD: rad.c,v 1.19 2019/03/12 18:47:57 pamela Exp $ */

@@ -427,7 +427,9 @@ main_dispatch_frontend(int fd, short event, void *bula)

log_warnx("configuration reloaded");

break;

case IMSG_CTL_LOG_VERBOSE:

- /* Already checked by frontend. */

+ if (IMSG_DATA_SIZE(imsg) != sizeof(verbose))

+ fatalx("%s: IMSG_CTL_LOG_VERBOSE wrong length: "

+ "%lu", __func__, IMSG_DATA_SIZE(imsg));

memcpy(&verbose, imsg.data, sizeof(verbose));

log_setverbose(verbose);

break;