[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 06/08: Fixed handling of connections with non-standard c
From: |
gnunet |
Subject: |
[libmicrohttpd] 06/08: Fixed handling of connections with non-standard client addresses (pipe or UNIX sockets). |
Date: |
Sat, 14 May 2022 15:11:41 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
commit 840bc6ecfc2d8f65687c0c788cb595489e5cc0bd
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Sat May 14 15:47:58 2022 +0300
Fixed handling of connections with non-standard client addresses (pipe or
UNIX sockets).
Fixed potential out-of-bond buffer read
---
src/microhttpd/daemon.c | 90 +++++++++++++++++++++++++++----------------------
1 file changed, 49 insertions(+), 41 deletions(-)
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index b7980460..3d09a975 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -319,38 +319,37 @@ MHD_ip_addr_to_key (const struct sockaddr *addr,
socklen_t addrlen,
struct MHD_IPCount *key)
{
-#ifndef DEBUG
- (void) addrlen; /* Mute compiler warning */
-#endif /* DEBUG */
memset (key,
0,
sizeof(*key));
/* IPv4 addresses */
- if (AF_INET == addr->sa_family)
+ if (sizeof (struct sockaddr_in) <= (size_t) addrlen)
{
- mhd_assert (sizeof (struct sockaddr_in) <= (size_t) addrlen);
-
- key->family = AF_INET;
- memcpy (&key->addr.ipv4,
- ((const uint8_t *) addr)
- + _MHD_OFFSETOF (struct sockaddr_in, sin_addr),
- sizeof(((struct sockaddr_in *) NULL)->sin_addr));
- return MHD_YES;
+ if (AF_INET == addr->sa_family)
+ {
+ key->family = AF_INET;
+ memcpy (&key->addr.ipv4,
+ ((const uint8_t *) addr)
+ + _MHD_OFFSETOF (struct sockaddr_in, sin_addr),
+ sizeof(((struct sockaddr_in *) NULL)->sin_addr));
+ return MHD_YES;
+ }
}
#if HAVE_INET6
- /* IPv6 addresses */
- if (AF_INET6 == addr->sa_family)
+ if (sizeof (struct sockaddr_in6) <= (size_t) addrlen)
{
- mhd_assert (sizeof (struct sockaddr_in6) <= (size_t) addrlen);
-
- key->family = AF_INET6;
- memcpy (&key->addr.ipv6,
- ((const uint8_t *) addr)
- + _MHD_OFFSETOF (struct sockaddr_in6, sin6_addr),
- sizeof(((struct sockaddr_in6 *) NULL)->sin6_addr));
- return MHD_YES;
+ /* IPv6 addresses */
+ if (AF_INET6 == addr->sa_family)
+ {
+ key->family = AF_INET6;
+ memcpy (&key->addr.ipv6,
+ ((const uint8_t *) addr)
+ + _MHD_OFFSETOF (struct sockaddr_in6, sin6_addr),
+ sizeof(((struct sockaddr_in6 *) NULL)->sin6_addr));
+ return MHD_YES;
+ }
}
#endif
@@ -2498,25 +2497,30 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
connection->sk_nodelay = _MHD_UNKNOWN;
}
- if (NULL == (connection->addr = malloc (addrlen)))
+ if (0 < addrlen)
{
- eno = errno;
+ if (NULL == (connection->addr = malloc ((size_t) addrlen)))
+ {
+ eno = errno;
#ifdef HAVE_MESSAGES
- MHD_DLOG (daemon,
- _ ("Error allocating memory: %s\n"),
- MHD_strerror_ (errno));
+ MHD_DLOG (daemon,
+ _ ("Error allocating memory: %s\n"),
+ MHD_strerror_ (errno));
#endif
- MHD_socket_close_chk_ (client_socket);
- MHD_ip_limit_del (daemon,
- addr,
- addrlen);
- free (connection);
- errno = eno;
- return NULL;
+ MHD_socket_close_chk_ (client_socket);
+ MHD_ip_limit_del (daemon,
+ addr,
+ addrlen);
+ free (connection);
+ errno = eno;
+ return NULL;
+ }
+ memcpy (connection->addr,
+ addr,
+ (size_t) addrlen);
}
- memcpy (connection->addr,
- addr,
- addrlen);
+ else
+ connection->addr = NULL;
connection->addr_len = addrlen;
connection->socket_fd = client_socket;
connection->sk_nonblck = non_blck;
@@ -2569,7 +2573,8 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
MHD_ip_limit_del (daemon,
addr,
addrlen);
- free (connection->addr);
+ if (NULL != connection->addr)
+ free (connection->addr);
free (connection);
#ifdef HAVE_MESSAGES
MHD_DLOG (daemon,
@@ -2633,7 +2638,8 @@ new_connection_prepare_ (struct MHD_Daemon *daemon,
MHD_ip_limit_del (daemon,
addr,
addrlen);
- free (connection->addr);
+ if (NULL != connection->addr)
+ free (connection->addr);
free (connection);
MHD_PANIC (_ ("Unknown credential type.\n"));
#if EINVAL
@@ -2701,7 +2707,8 @@ new_connection_close_ (struct MHD_Daemon *daemon,
MHD_ip_limit_del (daemon,
connection->addr,
connection->addr_len);
- free (connection->addr);
+ if (NULL != connection->addr)
+ free (connection->addr);
free (connection);
}
@@ -2896,7 +2903,8 @@ new_connection_process_ (struct MHD_Daemon *daemon,
MHD_ip_limit_del (daemon,
connection->addr,
connection->addr_len);
- free (connection->addr);
+ if (NULL != connection->addr)
+ free (connection->addr);
MHD_socket_close_chk_ (connection->socket_fd);
free (connection);
if (0 != eno)
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] branch master updated (f50b6be7 -> 83fe7b77), gnunet, 2022/05/14
- [libmicrohttpd] 02/08: MHD_create_response_from_buffer_copy(): fixed doxy, gnunet, 2022/05/14
- [libmicrohttpd] 04/08: Return NULL for MHD_CONNECTION_INFO_CLIENT_ADDRESS if information is not available, gnunet, 2022/05/14
- [libmicrohttpd] 01/08: Replaced MHD_RESPMEM_MUST_FREE with more portable solution in examples, gnunet, 2022/05/14
- [libmicrohttpd] 03/08: Replaced MHD_RESPMEM_PERSISTENT usage in examples and code, gnunet, 2022/05/14
- [libmicrohttpd] 08/08: Fixed additional compiler warnings on W32, gnunet, 2022/05/14
- [libmicrohttpd] 05/08: Fixed return type for get_system_fdsetsize_value (), gnunet, 2022/05/14
- [libmicrohttpd] 06/08: Fixed handling of connections with non-standard client addresses (pipe or UNIX sockets).,
gnunet <=
- [libmicrohttpd] 07/08: Fixed some compiler warnings on W32, gnunet, 2022/05/14