Potential issues for linux socket syscall
Weike.Chen at Dell.com
Tue Feb 26 05:03:25 UTC 2019
> From: Brooks Davis <brooks at freebsd.org>
> Sent: Tuesday, February 26, 2019 2:45 AM
> To: Chen, Weike <Weike_Chen at Dell.com>
> Cc: emulation at FreeBSD.org
> Subject: Re: Potential issues for linux socket syscall
>
> On Thu, Feb 21, 2019 at 02:57:23AM +0000, Weike.Chen at Dell.com wrote:
> >
> > Hi Linux emulation experts,
> >
> > I found a potential issue in the FreeBSD 12 official release for the Linux
> > emulation syscall.
> >
> > The function 'linux_getsockname' in 'linux_socket.c' calls
> > 'bsd_to_linux_sockaddr', and it calls 'bsd_to_linux_domain' to convert
> > 'sa_family' from BSD domain to Linux domain.
> >
> > But after calling 'bsd_to_linux_sockaddr', 'linux_sa_put' is called, and it calls
> > 'bsd_to_linux_domain' to convert 'sa_family' from BSD domain to Linux domain
> > again.
> > But the 'sa_family' has already been converted.
> > Since the values of AF_INET6 and LINUX_AF_INET6 are different, converting
> > twice will cause an issue.
>
> This code is definitely unsafe. I'd opened a bug to track some of these issues a
> little while ago at:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232920.
>
> Would you mind pasting your analysis into that report?
I have pasted the analysis with the case and testing result on FreeBSD and Linux.
>
> Do you have a simple test case? I only hit the issue while auditing some general
> code and so was leery about trying to fix unfamiliar code without one.
>
> Thanks,
> Brooks
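
Added example, not part of this thread or of the FreeBSD source: a user-space model of the double 'sa_family' translation described above, showing why it only surfaces for families whose numbers differ between the two ABIs. The function and type names are hypothetical and the table is an assumption covering four families only; the AF_* numbers are the FreeBSD and Linux header values.

```c
#include <stdio.h>

/* Address-family numbers as defined by the FreeBSD and Linux headers. */
enum { BSD_AF_UNSPEC = 0, BSD_AF_LOCAL = 1, BSD_AF_INET = 2, BSD_AF_INET6 = 28 };
enum { LNX_AF_UNSPEC = 0, LNX_AF_UNIX = 1, LNX_AF_INET = 2, LNX_AF_INET6 = 10 };

/* Model of the translation (assumption: four families only, -1 otherwise). */
static int model_bsd_to_linux_domain(int domain)
{
    switch (domain) {
    case BSD_AF_UNSPEC: return LNX_AF_UNSPEC;
    case BSD_AF_LOCAL:  return LNX_AF_UNIX;
    case BSD_AF_INET:   return LNX_AF_INET;
    case BSD_AF_INET6:  return LNX_AF_INET6;
    default:            return -1;
    }
}

/* Reported pattern: an already Linux-numbered value goes through the table again. */
static int convert_twice(int bsd_family)
{
    return model_bsd_to_linux_domain(model_bsd_to_linux_domain(bsd_family));
}

/* Hypothetical guard: carry the ABI with the value so a second call is a no-op. */
enum abi { ABI_BSD, ABI_LINUX };
struct tagged_family { enum abi abi; int family; };

static int to_linux_once(struct tagged_family *f)
{
    if (f->abi == ABI_BSD) {
        int lnx = model_bsd_to_linux_domain(f->family);
        if (lnx == -1)
            return -1;            /* unsupported family, leave f untouched */
        f->family = lnx;
        f->abi = ABI_LINUX;
    }
    return f->family;
}

int main(void)
{
    struct tagged_family f = { ABI_BSD, BSD_AF_INET6 };
    printf("AF_INET  twice: %d\n", convert_twice(BSD_AF_INET));   /* numbers coincide */
    printf("AF_INET6 twice: %d\n", convert_twice(BSD_AF_INET6));  /* 28 -> 10 -> no match */
    to_linux_once(&f);
    printf("guarded  twice: %d\n", to_linux_once(&f));
    return 0;
}
```

In this model the second pass over AF_INET6 finds no entry for 10 and returns -1; a fuller table could instead map it to an unrelated family, which is equally wrong for the caller.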