syscall.ParseUnixCredentials does not sufficiently validate its inputs to avoid crashes or returning uninitialized memory to the caller (via unsafe use of unsafe).
Current code:
// ParseUnixCredentials decodes a socket control message that contains// credentials in a Ucred structure. To receive such a message, the// SO_PASSCRED option must be enabled on the socket.funcParseUnixCredentials(m*SocketControlMessage) (*Ucred, error) {
ifm.Header.Level!=SOL_SOCKET {
returnnil, EINVAL
}
ifm.Header.Type!=SCM_CREDENTIALS {
returnnil, EINVAL
}
ucred:=*(*Ucred)(unsafe.Pointer(&m.Data[0]))
return&ucred, nil
}
The Data field is blindly cast to a Ucred type without checking the length.
Correct code might look something like:
// ParseUnixCredentials decodes a socket control message that contains// credentials in a Ucred structure. To receive such a message, the// SO_PASSCRED option must be enabled on the socket.funcParseUnixCredentials(m*SocketControlMessage) (*Ucred, error) {
ifm.Header.Level!=SOL_SOCKET {
returnnil, EINVAL
}
ifm.Header.Type!=SCM_CREDENTIALS {
returnnil, EINVAL
}
iflen(m.Data) <SizeofUcred {
returnnil, EINVAL
}
ucred:=*(*Ucred)(unsafe.Pointer(&m.Data[0]))
return&ucred, nil
}
The text was updated successfully, but these errors were encountered:
syscall.ParseUnixCredentials does not sufficiently validate its inputs to avoid crashes or returning uninitialized memory to the caller (via unsafe use of unsafe).
Current code:
The Data field is blindly cast to a Ucred type without checking the length.
Correct code might look something like:
The text was updated successfully, but these errors were encountered: