lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 3 Jan 2023 11:28:19 +0100
From:   Mirsad Goran Todorovac <mirsad.todorovac@....unizg.hr>
To:     linux-kselftest@...r.kernel.org
Cc:     "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, Shuah Khan <shuah@...nel.org>,
        Kuniyuki Iwashima <kuniyu@...zon.co.jp>,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: PATCH [1/1]: Bug with sockaddr size in net/af_unix/test_unix_oob.c

Hi all,

There is a minor issue that prevents self test net/af_unix to run on my platform:

# ./test_unix_oob
Connect failed: No such file or directory
Terminated

Tracing reveals that bind tried to open a shorter AF_UNIX socket address:

# strace -f ./test_unix_oob
.
.
.
socket(AF_UNIX, SOCK_STREAM, 0)         = 3
getpid()                                = 453059
unlink("unix_oob_453059")               = -1 ENOENT (No such file or directory)
bind(3, {sa_family=AF_UNIX, sun_path="unix_oob_453059"}, 110) = 0
pipe2([4, 5], 0)                        = 0
listen(3, 1)                            = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fa6a6577a10) = 453060
rt_sigaction(SIGURG, {sa_handler=0x5601e2d014c9, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, 
sa_restorer=0x7fa6a623bcf0}, NULL, 8) = 0
write(5, "S", 1)                        = 1
accept(3, strace: Process 453060 attached
  <unfinished ...>
[pid 453060] set_robust_list(0x7fa6a6577a20, 24) = 0
[pid 453060] socket(AF_UNIX, SOCK_STREAM, 0) = 6
[pid 453060] read(4, "S", 5)            = 1
[pid 453060] connect(6, {sa_family=AF_UNIX, sun_path="unix_oob_45305"}, 16) = -1 ENOENT (No such file or directory)
.
.
.

NOTE: bind used UNIX_AF addr "unix_oob_453059", while producer tries to connect to "unix_oob_45305".

When pids were up to 5 digits it probably did not manifest, but logically the size of the
consumer_addr is sizeof(struct sockaddr_un).

Please find the patch attached:

Thanks,
Mirsad

------------------------------------------------------------------------------------------------
diff --git a/tools/testing/selftests/net/af_unix/test_unix_oob.c b/tools/testing/selftests/net/af_unix/test_unix_oob.c
index b57e91e1c3f2..7ea733239cd9 100644
--- a/tools/testing/selftests/net/af_unix/test_unix_oob.c
+++ b/tools/testing/selftests/net/af_unix/test_unix_oob.c
@@ -124,7 +124,7 @@ void producer(struct sockaddr_un *consumer_addr)

  	wait_for_signal(pipefd[0]);
  	if (connect(cfd, (struct sockaddr *)consumer_addr,
-		     sizeof(struct sockaddr)) != 0) {
+		     sizeof(struct sockaddr_un)) != 0) {
  		perror("Connect failed");
  		kill(0, SIGTERM);
  		exit(1);

--
Mirsad Goran Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
-- 
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
The European Union

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ