From Jérôme Duval <jerome.duval@xxxxxxxxx>:
Jérôme Duval has uploaded this change for review. (
https://review.haiku-os.org/c/haiku/+/3364 ;)
Change subject: network/stack: assume zero length ioctl requests are valid
......................................................................
network/stack: assume zero length ioctl requests are valid
posix ioctl calls don't provide a request length. Theorically these length
checks
could be removed altogether.
---
M src/add-ons/kernel/network/stack/datalink.cpp
M src/add-ons/kernel/network/stack/link.cpp
2 files changed, 10 insertions(+), 9 deletions(-)
git pull ssh://git.haiku-os.org:22/haiku refs/changes/64/3364/1
diff --git a/src/add-ons/kernel/network/stack/datalink.cpp
b/src/add-ons/kernel/network/stack/datalink.cpp
index 74ed66b..8fa8c6c 100644
--- a/src/add-ons/kernel/network/stack/datalink.cpp
+++ b/src/add-ons/kernel/network/stack/datalink.cpp
@@ -134,7 +134,7 @@
ASSERT(option == SIOCGIFINDEX || option == SIOCGIFNAME);
size_t expected = option == SIOCGIFINDEX ? IF_NAMESIZE : sizeof(ifreq);
- if (*_length < expected)
+ if (*_length > 0 && *_length < expected)
return B_BAD_VALUE;
ifreq request;
@@ -215,7 +215,7 @@
case SIOCAIFADDR: /* same as B_SOCKET_ADD_ALIAS */
{
// add new interface address
- if (*_length < sizeof(struct ifaliasreq))
+ if (*_length > 0 && *_length < sizeof(struct
ifaliasreq))
return B_BAD_VALUE;
struct ifaliasreq request;
@@ -320,10 +320,9 @@
default:
{
// We also accept partial ifreqs as long as the name is
complete.
- if (*_length < IF_NAMESIZE)
- return B_BAD_VALUE;
-
- size_t length = min_c(sizeof(struct ifreq), *_length);
+ size_t length = sizeof(struct ifreq);
+ if (*_length > 0 && *_length >= IF_NAMESIZE)
+ length = min_c(length, *_length);
// try to pass the request to an existing interface
struct ifreq request;
@@ -754,7 +753,9 @@
case SIOCGIFBRDADDR:
case SIOCGIFDSTADDR:
{
- if (length < sizeof(ifreq))
+ if (length == 0)
+ length = sizeof(ifreq);
+ else if (length < sizeof(ifreq))
return B_BAD_VALUE;
ifreq request;
@@ -920,7 +921,7 @@
case SIOCGIFMEDIA:
{
// get media
- if (length < sizeof(ifmediareq))
+ if (length > 0 && length < sizeof(ifmediareq))
return B_BAD_VALUE;
struct ifmediareq request;
diff --git a/src/add-ons/kernel/network/stack/link.cpp
b/src/add-ons/kernel/network/stack/link.cpp
index c88f19b..12f20ad 100644
--- a/src/add-ons/kernel/network/stack/link.cpp
+++ b/src/add-ons/kernel/network/stack/link.cpp
@@ -455,7 +455,7 @@
case SIOCGIFMEDIA:
{
// get media
- if (*_length < sizeof(ifmediareq))
+ if (*_length > 0 && *_length < sizeof(ifmediareq))
return B_BAD_VALUE;
net_device_interface* interface;
--
To view, visit https://review.haiku-os.org/c/haiku/+/3364
To unsubscribe, or for help writing mail filters, visit
https://review.haiku-os.org/settings
Gerrit-Project: haiku
Gerrit-Branch: master
Gerrit-Change-Id: Ie53f10dc8d050dd3bdf2e5a792ed79f139a24d29
Gerrit-Change-Number: 3364
Gerrit-PatchSet: 1
Gerrit-Owner: Jérôme Duval <jerome.duval@xxxxxxxxx>
Gerrit-MessageType: newchange
