PR_NewTCPSocketPair: not checking source of connection

RESOLVED FIXED in 4.2

Status

defect
P1
normal
RESOLVED FIXED
18 years ago
18 years ago

People

(Reporter: kaie, Assigned: wtc)

Tracking

Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

Reporter

Description

18 years ago
This bug seems to apply to Windows and Mac, but not to Linux/Unix.

NSPR uses PR_NewTCPSocketPair to create a pair of connected sockets. The server
socket listens on the loopback device, meaning that programs running on the same
machine as an application could try to connect to this socket.

To avoid the possibility that a malicious program could try to exploit this
behaviour in any way, only NSPR itself should be able to connect to itself.
Currently, NSPR does not check that the source socket connecting to the server
socket is the intended socket created by NSPR.
Assignee

Updated

18 years ago
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → 4.2
Assignee

Comment 2

18 years ago
Fix checked into the tip of NSPR.
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Assignee

Comment 3

18 years ago
I found that I haven't fixed the "WINNT" version of
PR_NewTCPSocketPair().  More work to do.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee

Comment 5

18 years ago
The WINNT patch has been checked into the tip of NSPR.
Status: REOPENED → RESOLVED
Closed: 18 years ago18 years ago
Resolution: --- → FIXED
Assignee

Updated

18 years ago
Blocks: 129902
You need to log in before you can comment on or make changes to this bug.