git: fd6b3bede5a5 - main - if_ovpn: reject non-UDP sockets
Date: Thu, 11 Aug 2022 09:38:31 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=fd6b3bede5a5c210f327e5c9bd3e415ee905048b
commit fd6b3bede5a5c210f327e5c9bd3e415ee905048b
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-08-11 08:30:39 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-08-11 08:40:03 +0000
if_ovpn: reject non-UDP sockets
We must ensure that the fd provided by userspace is really for a UDP
socket. If it's not we'll panic in udp_set_kernel_tunneling().
Reported by: Gert Doering <gert@greenie.muc.de>
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sys/net/if_ovpn.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/sys/net/if_ovpn.c b/sys/net/if_ovpn.c
index 37814783fe3f..7d5d384a6f75 100644
--- a/sys/net/if_ovpn.c
+++ b/sys/net/if_ovpn.c
@@ -559,6 +559,12 @@ ovpn_new_peer(struct ifnet *ifp, const nvlist_t *nvl)
goto error_locked;
}
+ /* Make sure this is really a UDP socket. */
+ if (so->so_type != SOCK_DGRAM || so->so_proto->pr_type != SOCK_DGRAM) {
+ ret = EPROTOTYPE;
+ goto error_locked;
+ }
+
/* Must be the same socket as for other peers on this interface. */
if (sc->so != NULL && so != sc->so)
goto error_locked;
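Review bot: the added condition tests the socket type twice (`so->so_type != SOCK_DGRAM` and `so->so_proto->pr_type != SOCK_DGRAM`) but never the protocol, so it does not enforce what the comment "Make sure this is really a UDP socket" and the commit message promise. Any datagram socket whose protocol switch entry is also SOCK_DGRAM, for example one from a non-inet domain, passes both tests and would still reach udp_set_kernel_tunneling(), the function the commit message names as the panic site. Consider checking the protocol as well, for instance `so->so_proto->pr_protocol != IPPROTO_UDP`, so that only UDP sockets get past this point. Returning EPROTOTYPE for the rejection is a reasonable choice and gives userspace a distinct errno to report.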