cvs commit: src/usr.sbin/jexec jexec.8 jexec.c

Bjoern A. Zeeb bzeeb-lists at lists.zabbadoz.net
Mon May 26 20:49:12 UTC 2008


On Mon, 26 May 2008, Michael Reifenberger wrote:

Hi,

> mr          2008-05-26 11:57:49 UTC
>
>  FreeBSD src repository
>
>  Modified files:
>    usr.sbin/jexec       jexec.8 jexec.c
>  Log:
>  Extend jexec to accept hostname or ip-number besides jail-id.
>
>  MFC after:      2 weeks
>
>  Revision  Changes    Path
>  1.5       +7 -2      src/usr.sbin/jexec/jexec.8
>  1.5       +53 -2     src/usr.sbin/jexec/jexec.c

It seems you decided to leave this in (for now).

So here are my problems with the code - could you please fix them?

1. you are accepting an IP address or a hostname instead of a jail ID
    without an option letter like -i or -h. Why is this a problem?
    I have hostnames like 127.
    127 is a valid IP Address.
    127 could be a Jail-ID I am not refereing to.

2. When going through the list of IPs you got from the kernel:
+       for (i = 0; i < len / sizeof(*xp); i++) {
+               in.s_addr = ntohl(xp->pr_ip);
    it should be htonl. (at least for correct documentation purposes)

3. You are comparing strings of IP addresses:
+               if ((strncmp(inet_ntoa(in), addr, slen) == 0) ||
    Now, would that match 127 or 0x7f000000? No. Convert the string
    to an address and compare the numbers.

4. You are taking the length og the input address:
+       slen = strlen(addr);
    Assume I gave 192.0.2.1 as input, the length would be 9.
    Assume the kernel gives you back 192.0.2.111.
    strncmp on those two would give you a match, which is wrong.
    Same is true for hostnames, like input "foo", kernel "foobar".

5. addr2jid should be static

6. On match you are doing:
+                       free(sxp);
+                       return (xp->pr_id);
    freeing sxp but returning xp->pr_id but
    wherever xp points to is within the malloced area of sxp.
    Use after free.


Greetings
Bjoern

-- 
Bjoern A. Zeeb              Stop bit received. Insert coin for new game.


More information about the cvs-src mailing list