1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

swrap: extend input checks in swrap_bind()

Not only check family, but depending on family, also check the length.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Michael Adam 2014-06-03 15:12:34 +02:00
parent 3700a4625c
commit 8f28674b50

View File

@ -853,6 +853,7 @@ static const char *socket_wrapper_dir(void)
if (s == NULL) {
return NULL;
}
/* TODO use realpath(3) here, when we add support for threads */
if (strncmp(s, "./", 2) == 0) {
s += 2;
}
@ -2724,13 +2725,59 @@ static int swrap_bind(int s, const struct sockaddr *myaddr, socklen_t addrlen)
int ret;
struct sockaddr_un un_addr;
struct socket_info *si = find_socket_info(s);
int bind_error = 0;
if (!si) {
return libc_bind(s, myaddr, addrlen);
}
if (si->family != myaddr->sa_family) {
errno = EAFNOSUPPORT;
switch (si->family) {
case AF_INET: {
const struct sockaddr_in *sin;
if (addrlen < sizeof(struct sockaddr_in)) {
bind_error = EINVAL;
break;
}
sin = (struct sockaddr_in *)myaddr;
if (sin->sin_family != AF_INET) {
bind_error = EAFNOSUPPORT;
}
/* special case for AF_UNSPEC */
if (sin->sin_family == AF_UNSPEC &&
(sin->sin_addr.s_addr == htonl(INADDR_ANY)))
{
bind_error = 0;
}
break;
}
#ifdef HAVE_IPV6
case AF_INET6: {
const struct sockaddr_in6 *sin6;
if (addrlen < sizeof(struct sockaddr_in6)) {
bind_error = EINVAL;
break;
}
sin6 = (struct sockaddr_in6 *)myaddr;
if (sin6->sin6_family != AF_INET6) {
bind_error = EAFNOSUPPORT;
}
break;
}
#endif
default:
bind_error = EINVAL;
break;
}
if (bind_error != 0) {
errno = bind_error;
return -1;
}