[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pflocal/socket.c(S_socket_connect function) question
From: |
James Morrison |
Subject: |
Re: pflocal/socket.c(S_socket_connect function) question |
Date: |
Sat, 18 Jan 2003 10:20:16 -0800 (PST) |
--- PUYDT Julien <julien.puydt@laposte.net> wrote:
> Hi,
>
> I was reading the sources of pflocal, to learn more about the Hurd
> internals, when I encountered the following piece of code:
>
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> error_t
> S_socket_connect (struct sock_user *user, struct addr *addr)
> {
> error_t err;
> struct sock *peer;
>
> if (! addr)
> return ECONNREFUSED;
>
> /* Deallocate ADDR's send right, which we get as a side effect of the
> rpc. */
> mach_port_deallocate (mach_task_self (),
> ((struct port_info *)addr)->port_right);
As you will notice from the comment, the send right is gotten through the
rpc call. So even if USER does not have the credentials to use this function
the send right still needs to be deallocated. This stops us from leaking
port rights.
> if (! user)
> return EOPNOTSUPP;
>
>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>
> Why is that port deallocated _before_ user is tested for validity? Is it
> unimportant? Why? I would have expected that both addr and user would be
> tested before anything is done...
>
> Snark on #hurd
=====
James Morrison
University of Waterloo
Computer Science - Digital Hardware
2B co-op
http://hurd.dyndns.org
Anyone referring to this as 'Open Source' shall be eaten by a GNU
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com