
netinet: Explicitly disallow connections to the unspecified address
Closed, Public

Authored by markj on Aug 27 2024, 1:52 PM.

Details

Summary

If the V_connect_ifaddr_wild sysctl says that we shouldn't infer a
destination address, return an error. Otherwise it's possible for use
of an unspecified foreign address to trigger a subsequent assertion
failure, for example in in_pcblookup_hash_locked().

Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>

Diff Detail

Repository
rG FreeBSD src repository

Event Timeline

markj requested review of this revision. Aug 27 2024, 1:52 PM
This revision is now accepted and ready to land. Aug 27 2024, 4:02 PM

What if V_connect_inaddr_wild is true but also CK_STAILQ_EMPTY(&V_in_ifaddrhead)?
I guess ENETUNREACH is sensible in that case as well.

> What if V_connect_inaddr_wild is true but also CK_STAILQ_EMPTY(&V_in_ifaddrhead)?
> I guess ENETUNREACH is sensible in that case as well.

Yes, that was intentional. This is really about ensuring that the unspecified address, which is used as a sentinel in some places, doesn't get propagated further down into the inpcb layer.

zlei added a subscriber: zlei.

Looks good to me.
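
The check described in the summary and the empty-interface-list case raised in review, as a userland C model added here for illustration (it is not the FreeBSD kernel code or the diff under review). The `model_*` names and the struct are hypothetical, and the model assumes that inference picks the first configured interface address and that ENETUNREACH, the error named in the thread, is returned on both failure paths.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model state; addresses are host byte order for brevity. */
struct model_net {
	int connect_inaddr_wild;	/* models V_connect_inaddr_wild */
	const uint32_t *ifaddrs;	/* models V_in_ifaddrhead */
	size_t n_ifaddrs;
};

/*
 * Resolve the foreign address for a connect. Returns 0 and stores a
 * specified address in *out, or returns an errno value and leaves *out
 * untouched. The sentinel INADDR_ANY is never stored in *out.
 */
int
model_resolve_faddr(const struct model_net *net, uint32_t faddr, uint32_t *out)
{
	if (faddr == INADDR_ANY) {
		/* Inference disabled: fail rather than pass the sentinel on. */
		if (!net->connect_inaddr_wild)
			return (ENETUNREACH);
		/* Inference enabled, but no address to infer from. */
		if (net->n_ifaddrs == 0)
			return (ENETUNREACH);
		/* Assumption: inference uses the first configured address. */
		faddr = net->ifaddrs[0];
	}
	*out = faddr;
	return (0);
}

/* Try every sysctl/interface/destination combination; count sentinel leaks. */
int
model_count_sentinel_leaks(void)
{
	static const uint32_t addrs[] = { 0xc0000201u };	/* 192.0.2.1, constructed */
	static const uint32_t dests[] = { INADDR_ANY, 0xc6336407u }; /* 198.51.100.7 */
	int leaks = 0;

	for (int wild = 0; wild <= 1; wild++)
		for (size_t n = 0; n <= 1; n++)
			for (size_t d = 0; d < 2; d++) {
				struct model_net net = { wild, addrs, n };
				uint32_t out = INADDR_ANY;
				if (model_resolve_faddr(&net, dests[d], &out) == 0 &&
				    out == INADDR_ANY)
					leaks++;
			}
	return (leaks);
}

int main(void) { return (model_count_sentinel_leaks()); }
```

A zero return from `model_count_sentinel_leaks()` means no successful resolution handed the unspecified address to the next layer, which is the invariant the thread says the change is meant to enforce.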