svn commit: r361081 - head/sys/netinet

Michael Tuexen tuexen at FreeBSD.org
Fri May 15 14:06:38 UTC 2020


Author: tuexen
Date: Fri May 15 14:06:37 2020
New Revision: 361081
URL: https://svnweb.freebsd.org/changeset/base/361081

Log:
  Allow only IPv4 addresses in sendto() for TCP on AF_INET sockets.
  
  This problem was found by looking at syzkaller reproducers for some other
  problems.
  
  Reviewed by:		rrs
  Sponsored by:		Netflix, Inc.
  Differential Revision:	https://reviews.freebsd.org/D24831

Modified:
  head/sys/netinet/tcp_usrreq.c

Modified: head/sys/netinet/tcp_usrreq.c
==============================================================================
--- head/sys/netinet/tcp_usrreq.c	Fri May 15 14:00:12 2020	(r361080)
+++ head/sys/netinet/tcp_usrreq.c	Fri May 15 14:06:37 2020	(r361081)
@@ -1037,6 +1037,12 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf
 				error = EINVAL;
 				goto out;
 			}
+			if ((inp->inp_vflag & INP_IPV6PROTO) == 0) {
+				if (m != NULL)
+					m_freem(m);
+				error = EAFNOSUPPORT;
+				goto out;
+			}
 			if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
 				if (m)
 					m_freem(m);
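Review bot: The added `(inp->inp_vflag & INP_IPV6PROTO) == 0` test carries no comment explaining why it sits in the `sin6` path, and the reason (an IPv6 destination address passed to sendto() on a socket that was not created as IPv6) is only recoverable from the commit log. A one-line comment above the `if` would keep that intent next to the code. The new block also tests `if (m != NULL)` while the multicast check directly below still uses `if (m)`; since the two blocks now sit back to back doing the same free-then-`goto out` cleanup, making the NULL test consistent across them would read better. The placement means a request that fails the preceding check still returns EINVAL before EAFNOSUPPORT is considered, which is worth confirming as the intended precedence of error codes.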

