Closed Bug 106496 Opened 21 years ago Closed 21 years ago

PR_NewTCPSocketPair: not checking source of connection

Categories

(NSPR :: NSPR, defect, P1)

4.1.3
defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: KaiE, Assigned: wtc)

References

Details

Attachments

(2 files)

This bug seems to apply to Windows and Mac, but not to Linux/Unix.

NSPR uses PR_NewTCPSocketPair to create a pair of connected sockets. The server
socket listens on the loopback device, meaning that programs running on the same
machine as an application could try to connect to this socket.

To avoid the possibility that a malicious program could try to exploit this
behaviour in any way, only NSPR itself should be able to connect to itself.
Currently, NSPR does not check that the source socket connecting to the server
socket is the intended socket created by NSPR.
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → 4.2
Fix checked into the tip of NSPR.
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
I found that I haven't fixed the "WINNT" version of
PR_NewTCPSocketPair().  More work to do.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
The WINNT patch has been checked into the tip of NSPR.
Status: REOPENED → RESOLVED
Closed: 21 years ago21 years ago
Resolution: --- → FIXED
Blocks: 129902
You need to log in before you can comment on or make changes to this bug.