-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lib/posix-unixsocket: Fix NULL deref crash #1326
lib/posix-unixsocket: Fix NULL deref crash #1326
Conversation
Previously `unix_socket_recvfrom` would not check its `fromlen` argument before dereferencing it, even though the API allows for it to be NULL. This change fixes this oversight, eliminating a potential crash. Signed-off-by: Andrei Tatar <andrei@unikraft.io>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All good.
Reviewed-by: Mihnea Firoiu mihneafiroiu0@gmail.com
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, thanks!
Reviewed-by: Maria Sfiraiala maria.sfiraiala@gmail.com
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved-by: Razvan Deaconescu razvand@unikraft.io
Previously `unix_socket_recvfrom` would not check its `fromlen` argument before dereferencing it, even though the API allows for it to be NULL. This change fixes this oversight, eliminating a potential crash. Signed-off-by: Andrei Tatar <andrei@unikraft.io> Reviewed-by: Mihnea Firoiu <mihneafiroiu0@gmail.com> Reviewed-by: Maria Sfiraiala <maria.sfiraiala@gmail.com> Approved-by: Razvan Deaconescu <razvand@unikraft.io> GitHub-Closes: #1326
Previously `unix_socket_recvfrom` would not check its `fromlen` argument before dereferencing it, even though the API allows for it to be NULL. This change fixes this oversight, eliminating a potential crash. Signed-off-by: Andrei Tatar <andrei@unikraft.io> Reviewed-by: Mihnea Firoiu <mihneafiroiu0@gmail.com> Reviewed-by: Maria Sfiraiala <maria.sfiraiala@gmail.com> Approved-by: Razvan Deaconescu <razvand@unikraft.io> GitHub-Closes: unikraft#1326
Description of changes
Previously
unix_socket_recvfrom
would not check itsfromlen
argument before dereferencing it, even though the API allows for it to be NULL. This change fixes this oversight, eliminating a potential crash.Prerequisite checklist
checkpatch.uk
on your commit series before opening this PR;Base target
Additional configuration
Test: call
recvfrom()
on a unix socket with NULL forsrc_addr
.