Closed Bug 54796 Opened 25 years ago Closed 24 years ago

PR_InitializeNetAddr() does not clear trailing garbage

Categories

(NSPR :: NSPR, defect, P3)

Product:
NSPR
Component:
NSPR
Platform:
All
NetBSD
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: taya, Assigned: wtc)

References

Details

Attachments

(5 files)

sample program
417 bytes, patch
Details | Diff | Splinter Review
Proposed patch.
1006 bytes, patch
Details | Diff | Splinter Review
I think this would be a cleaner fix
1016 bytes, patch
Details | Diff | Splinter Review
To use John's patch, I need to move the setting of 'family' after the memset call.
1.15 KB, patch
Details | Diff | Splinter Review
Removed extra '&' in front of 'addr' in previous patch.
1.14 KB, patch
Details | Diff | Splinter Review
PR_InitializeNetAddr() does not clear addr->sin_zero. This cause PR_Bind() failure in SSM_OpenPort() at security/psm/server/servutil.c I think every part which sets address to PRNetAddr should clear whole buffer before set address. I also tested on FreeBSD-3.3 and got same result.
Attached patch sample programSplinter Review
Blocks: 54797
Thanks for the bug report. We are aware of this problem of PR_InitializeNetAddr() and in hindsight we should have had the function zero the whole PRNetAddr before setting the members. We can't change the function to clear the PRNetAddr because that will change the behavior of the function. So callers of PR_InitializeNetAddr will have to zero the PRNetAddr themselves. You need to add something like memset(&addr, 0, sizeof(PRNetAddr)); to the PSM code before the PR_InitializeNetAddr call.
Status: UNCONFIRMED → RESOLVED
Closed: 25 years ago
Resolution: --- → WONTFIX
I'm now convinced that this bug should be fixed in NSPR rather than having all the apps work around it. I need to convince myself that no apps may depend on this bug.
Status: RESOLVED → UNCONFIRMED
Resolution: WONTFIX → ---
rubber-stamp confirm. cluefull reporter. Shin'ichiro TAYA, ask somebody from QA to increase your rights.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Attached patch Proposed patch.Splinter Review
John, I'd like you to review my patch (id=23603). 1. I only zero the sock addr when the 'val' argument to PR_InitializeNetAddr or PR_SetNetAddr is not PR_IpAddrNull because in the PR_IpAddrNull case we need to keep the IP address field intact. 2. I could zero the whole PRNetAddr, but I only zero the PRNetAddr union member in use for two reasons: - PRNetAddr contains the Unix domain sock addr on Unix, which is 108 bytes. In contract, the 'inet' member is only 16 bytes and the 'ipv6' member is only 32 bytes. - I am concerned that some existing code may actually pass a sockaddr_in structure in, so I am concerned about writing beyond the end of the sockaddr_in structure. This is probably not worth worrying about. I am very concerned that this patch breaks binary compatibility because PR_InitializeNetAddr and PR_SetNetAddr is not zeroing the sock addr right now. What do you think? Do you think we should modify PR_InitializeNetAddr to zero the sock addr, or ask NSPR clients to zero the sock addr before passing it to PR_InitializeNetAddr (essentially working around this bug)?
Status: NEW → ASSIGNED
Target Milestone: --- → 4.1.1
I think we should apply the fix. It is extremely unlikely existing NSPR clients depend on current behavior. Such dependence would be an incorrect use of the published API.
I checked in my latest patch (id=23614) on the tip, the NSPRPUB_RELEASE_4_1_BRANCH, and the NSPRPUB_CLIENT_BRANCH. I found that PR_StringToNetAddr should also zero the sock addr first, but the code in that function is more complicated. If the caller of PR_StringToNetAddr always passes a PRNetAddr as they should, there is a simple patch which I will attach next.
On second thought, I'll open a separate bug report for PR_StringToNetAddr so that I can mark this bug fixed.
Status: ASSIGNED → RESOLVED
Closed: 25 years ago24 years ago
Resolution: --- → FIXED
*** Bug 65549 has been marked as a duplicate of this bug. ***
With this fix, I could build & run psm on NetBSD/i386-current. BTW, two problems building psm. While I'm building psm, 1)NSS didn't compile I compiled it manually. 2)psm was installed to dist/NetBSD1.5Q_DBG.OBJ/bin. Mozilla failed to run psm. Because mozilla launch dist/bin/start-psm. Is it a NetBSD specific problem? Anyway, this bug has fix with your work. Thank you!
Hi Taya, Thanks for verifying that the fix works. Unfortunately, I am not building PSM now, so I won't be able to help you with the PSM/NSS build problems. I suggest that you post a question to mozilla.crypto.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: