rtems_bsdnet_fdToSocket()
Till Straumann
strauman at slac.stanford.edu
Thu Feb 12 19:42:23 UTC 2009
IMHO rtems_bsdnet_fdToSocket() doesn't
verify thoroughly enough that the file
descriptor passed in is really a socket.
If you e.g., try getsockname() on a fd
that was opened on a termios device then
a crash may result.
I propose to let rtems_bsdnet_fdToSocket()
test not only that iop->data1 is NULL but
to add an additional test.
Either
1) add a new flag LIBIO_FLAGS_ISSOCK
which is set by rtems_bsdnet_makeFdForSocket()
and tested by rtems_bsdnet_fdToSocket()
1a) instead of one flag we could use a few
more bits and create a LIBIO_FLAGS_IOP_TYPE
bitmask (in case the need for other special
cases besides sockets arises in the future).
The test would then look like
if ( LIBIO_FLAGS_IOP_TYPE(iop->flags) != LIBIO_FLAGS_IOP_TYPE_SOCK ) {
errno = ENOTSOCK;
return NULL;
}
Sidenote: IMO, if data1 == NULL then errno should
also be ENOTSOCK instead of EBADF.
2) alternatively, rtems_bsdnet_fdToSocket() could
test if iop->handlers == socket_handlers.
socket_handlers would then have to become a globally
visible symbol (right now a static variable).
Unfortunately, this would introduce some asymmetry
(fdToSocket() refers to global symbol, makeFdForSocket
gets pointer to handlers passed in).
If nobody objects or has a better idea then I would
implement 1a), create a PR and commit to 4.9 and HEAD.
RFC
-Till
More information about the users
mailing list