diff options
| author | cinap_lenrek <cinap_lenrek@gmx.de> | 2013-04-02 01:40:29 +0200 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@gmx.de> | 2013-04-02 01:40:29 +0200 |
| commit | e8c1d0fe7cdfcbf0d913b5091a33a14da561f976 (patch) | |
| tree | a04271094793b14bcd1bd5050afc7c90399b6fe7 /sys/src/ape/lib/bsd/bind.c | |
| parent | e8a02760901e0b700ba845c9f57601f662e0e0aa (diff) | |
ape: check *alen before copying in getpeername(), getsockname() and accept()
*alen has to be initialized to the size of the buffer
by the caller, and we are supposed to put the real
size of the address in there, but not copy more than
the original *alen value (truncate).
Diffstat (limited to 'sys/src/ape/lib/bsd/bind.c')
| -rw-r--r-- | sys/src/ape/lib/bsd/bind.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/src/ape/lib/bsd/bind.c b/sys/src/ape/lib/bsd/bind.c index 902fbcd46..a4c7ae573 100644 --- a/sys/src/ape/lib/bsd/bind.c +++ b/sys/src/ape/lib/bsd/bind.c @@ -25,6 +25,7 @@ int bind(int fd, void *a, int alen) { int n, len, cfd, port; + struct sockaddr *sa; Rock *r; char msg[128]; @@ -34,6 +35,11 @@ bind(int fd, void *a, int alen) errno = ENOTSOCK; return -1; } + sa = (struct sockaddr*)a; + if(sa->sa_family != r->domain){ + errno = EAFNOSUPPORT; + return -1; + } if(alen > sizeof(r->addr)){ errno = ENAMETOOLONG; return -1; |