Closed
Bug 1229726
Opened 10 years ago
Closed 10 years ago
[MDNS] fix conversion from sockaddr to NetAddr
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
People
(Reporter: schien, Assigned: schien)
References
Details
Attachments
(1 file, 2 obsolete files)
|
58 bytes,
text/x-review-board-request
|
mcmanus
:
review+
jocheng
:
approval‑mozilla‑b2g44+
|
Details |
struct sockaddr has extra "sa_len" field on OSX and FreeBSD, we cannot memcpy a sockaddr to Netaddr.
https://dxr.mozilla.org/mozilla-central/source/netwerk/dns/mdns/libmdns/MDNSResponderReply.cpp#284
|
Assignee | |
Comment 1•10 years ago
|
||
copy sockaddr.sa_family and sockaddr.sa_data separately instead of doing memcpy on sockaddr.
Attachment #8695686 -
Flags: feedback?(mcmanus)
|
||
Comment 2•10 years ago
|
||
Comment on attachment 8695686 [details] [diff] [review]
bug1229726-fix-for-sockaddr-sa_len.patch
Review of attachment 8695686 [details] [diff] [review]:
-----------------------------------------------------------------
::: netwerk/dns/mdns/libmdns/MDNSResponderReply.cpp
@@ +281,5 @@
> }
>
> NetAddr address;
> + address.raw.family = aAddress->sa_family;
> + memcpy(&address.raw.data, aAddress->sa_data, sizeof(aAddress->sa_data));
I don't like that sizeof checking the size of the src only - seems like it could end up with an overwrite. probably need to make sure dest is >= size of src. otherwise lgtm
Attachment #8695686 -
Flags: feedback?(mcmanus) → feedback+
|
|
Assignee | |
Comment 3•10 years ago
|
||
Use static assert to check the size of dest.
Attachment #8695686 -
Attachment is obsolete: true
Attachment #8701294 -
Flags: review?(mcmanus)
|
|
Assignee | |
Comment 4•10 years ago
|
||
Comment on attachment 8701294 [details] [diff] [review]
bug1229726-fix-for-sockaddr-sa_len.patch
sorry, wrong patch file.
Attachment #8701294 -
Flags: review?(mcmanus)
|
|
Assignee | |
Updated•10 years ago
|
Attachment #8701294 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 5•10 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/28951/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/28951/
Attachment #8701353 -
Flags: review?(mcmanus)
|
|
||
Updated•10 years ago
|
Attachment #8701353 -
Flags: review?(mcmanus) → review+
|
|
Assignee | |
Updated•10 years ago
|
Keywords: checkin-needed
Keywords: checkin-needed
|
||
Updated•10 years ago
|
blocking-b2g: --- → 2.5+
|
|
Assignee | |
Comment 8•10 years ago
|
||
Comment on attachment 8701353 [details]
MozReview Request: Bug 1229726 - fix the data copy from sockaddr to NetAddr on OSX/FreeBSD. r=mcmanus.
NOTE: Please see https://wiki.mozilla.org/Release_Management/B2G_Landing to better understand the B2G approval process and landings.
[Approval Request Comment]
Bug caused by (feature/regressing bug #): 1200132
User impact if declined: User cannot launch presentation request from OS X and FreeBSD. No impact for device that receiving presentation request but buffer copy issue might be potential security hole.
Testing completed: done by manual test.
Risk to taking this patch (and alternatives if risky): low
String or UUID changes made by this patch: N/A
Attachment #8701353 -
Flags: approval‑mozilla‑b2g44?
|
|
Assignee | |
Updated•10 years ago
|
Flags: needinfo?(schien)
|
|
||
Comment 9•10 years ago
|
||
Comment on attachment 8701353 [details]
MozReview Request: Bug 1229726 - fix the data copy from sockaddr to NetAddr on OSX/FreeBSD. r=mcmanus.
Approved for Tv2.5
Attachment #8701353 -
Flags: approval‑mozilla‑b2g44? → approval‑mozilla‑b2g44+
|
||
Comment 10•10 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 10 years ago
status-firefox46:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla46
|
|
||
Comment 11•10 years ago
|
||
| bugherder uplift | ||
status-b2g-v2.5:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•