From: Changli Gao <xiaosuo@gmail.com>
To: Neil Brown <neilb@suse.de>
Cc: David Miller <davem@davemloft.net>,
shemminger@vyatta.com, netdev@vger.kernel.org
Subject: Re: Undefined behaviour of connect(fd, NULL, 0);
Date: Thu, 1 Apr 2010 13:50:44 +0800
Message-ID: <v2q412e6f7f1003312250g35ad9ffex8b707bd817ef946f@mail.gmail.com>
In-Reply-To: <x2j412e6f7f1003312116rd3b3ba96t31267545efe7660f@mail.gmail.com>

On Thu, Apr 1, 2010 at 12:16 PM, Changli Gao <xiaosuo@gmail.com> wrote:
>
> I found this from man page for connect(2)
>
> Generally, connection-based protocol sockets may successfully connect()
> only once; connectionless protocol sockets may use connect() multiple
> times to change their association. Connectionless sockets may dissolve
> the association by connecting to an address with the sa_family member
> of sockaddr set to AF_UNSPEC (supported on Linux since kernel 2.2).
>

Dissolving the association by connecting to an address with the
sa_family member of sockaddr set to AF_UNSPEC is broken too.

int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
{
	struct inet_sock *inet = inet_sk(sk);
	struct sockaddr_in *usin = (struct sockaddr_in *) uaddr;
	struct rtable *rt;
	__be32 saddr;
	int oif;
	int err;

	if (addr_len < sizeof(*usin))
		return -EINVAL;

	if (usin->sin_family != AF_INET)
		return -EAFNOSUPPORT;

According to the man page, sin_family == AF_UNSPEC should be allowed.
And netlink's connect doesn't check the addr_len, so its behavior is
also undetermined.

static int netlink_connect(struct socket *sock, struct sockaddr *addr,
			   int alen, int flags)
{
	int err = 0;
	struct sock *sk = sock->sk;
	struct netlink_sock *nlk = nlk_sk(sk);
	struct sockaddr_nl *nladdr = (struct sockaddr_nl *)addr;

	if (addr->sa_family == AF_UNSPEC) {
		sk->sk_state = NETLINK_UNCONNECTED;
		nlk->dst_pid = 0;
		nlk->dst_group = 0;
		return 0;
	}

If these issues need to be fixed, I'll check all the protocols to see
whether their connect() checks the size of the socket address or not,
and post a patch.

--
Regards,
Changli Gao(xiaosuo@gmail.com)
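
Added example, not part of the original message and not kernel code: a
userspace C sketch of the check order the message is about, reading
sa_family only once the supplied length covers it and handling AF_UNSPEC
before the full-size and family checks. The names check_connect_addr,
demo_case and the ADDR_* codes are hypothetical, and the inputs are
constructed.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/socket.h>

/* Hypothetical result codes and helper; userspace sketch, not kernel code. */
enum { ADDR_DISSOLVE = 0, ADDR_CONNECT = 1 };

/* want: the protocol's own family; full_len: size of its sockaddr type. */
static int check_connect_addr(const struct sockaddr *addr, int alen,
                              sa_family_t want, size_t full_len)
{
    const size_t fam_end = offsetof(struct sockaddr, sa_family) +
                           sizeof(sa_family_t);

    /* 1. Never read sa_family unless the buffer actually contains it. */
    if (addr == NULL || alen < 0 || (size_t)alen < fam_end)
        return -EINVAL;
    /* 2. AF_UNSPEC dissolves the association; no other field is read. */
    if (addr->sa_family == AF_UNSPEC)
        return ADDR_DISSOLVE;
    /* 3. Only now require the full protocol-specific structure. */
    if ((size_t)alen < full_len)
        return -EINVAL;
    if (addr->sa_family != want)
        return -EAFNOSUPPORT;
    return ADDR_CONNECT;
}

/* Constructed inputs for the cases raised in the thread. */
static int demo_case(int which)
{
    struct sockaddr_in in4 = { .sin_family = AF_INET };
    struct sockaddr unspec = { .sa_family = AF_UNSPEC };
    const struct sockaddr *a4 = (const struct sockaddr *)&in4;

    switch (which) {
    case 0: return check_connect_addr(NULL, 0, AF_INET, sizeof(in4));
    case 1: return check_connect_addr(&unspec, sizeof(unspec.sa_family),
                                      AF_INET, sizeof(in4));
    case 2: return check_connect_addr(a4, sizeof(in4), AF_INET, sizeof(in4));
    case 3: return check_connect_addr(a4, 4, AF_INET, sizeof(in4)); /* short */
    default: /* address family does not match the protocol's family */
        return check_connect_addr(a4, sizeof(in4), AF_INET6, sizeof(in4));
    }
}

int main(void)
{
    for (int i = 0; i < 5; i++)
        printf("case %d -> %d\n", i, demo_case(i));
    return 0;
}
```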