mirror of https://github.com/RGBCube/serenity synced 2025-07-27 02:37:36 +00:00

UE: Make sure the buffers for get{sock,peer}name() are large enough

Previously struct sockaddr was used which isn't guaranteed to be
large enough to hold the socket address get{sock,peer}name() returns.

Also, the addrlen argument was initialized incorrectly and should
instead use the address length specified by the caller.
Gunnar Beutner 2021-05-16 19:40:43 +02:00 committed by Andreas Kling
parent fbfd0ed5ab
commit 529f605ac8


@ -706,9 +706,11 @@ int Emulator::virt$getsockname(FlatPtr params_addr)
{
Syscall::SC_getsockname_params params;
mmu().copy_from_vm(&params, params_addr, sizeof(params));
struct sockaddr addr = {};
socklen_t addrlen = {};
auto rc = getsockname(params.sockfd, &addr, &addrlen);
sockaddr_storage addr = {};
socklen_t addrlen;
mmu().copy_from_vm(&addrlen, (FlatPtr)params.addrlen, sizeof(socklen_t));
VERIFY(addrlen <= sizeof(addr));
auto rc = getsockname(params.sockfd, (sockaddr*)&addr, &addrlen);
mmu().copy_to_vm((FlatPtr)params.addr, &addr, sizeof(addr));
mmu().copy_to_vm((FlatPtr)params.addrlen, &addrlen, sizeof(addrlen));
return rc;
@ -718,9 +720,11 @@ int Emulator::virt$getpeername(FlatPtr params_addr)
{
Syscall::SC_getpeername_params params;
mmu().copy_from_vm(&params, params_addr, sizeof(params));
struct sockaddr addr = {};
socklen_t addrlen = {};
auto rc = getpeername(params.sockfd, &addr, &addrlen);
sockaddr_storage addr = {};
socklen_t addrlen;
mmu().copy_from_vm(&addrlen, (FlatPtr)params.addrlen, sizeof(socklen_t));
VERIFY(addrlen <= sizeof(addr));
auto rc = getpeername(params.sockfd, (sockaddr*)&addr, &addrlen);
mmu().copy_to_vm((FlatPtr)params.addr, &addr, sizeof(addr));
mmu().copy_to_vm((FlatPtr)params.addrlen, &addrlen, sizeof(addrlen));
return rc;
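Review bot: In both virt$getsockname and virt$getpeername the copy-out `mmu().copy_to_vm((FlatPtr)params.addr, &addr, sizeof(addr));` now writes the full `sizeof(sockaddr_storage)` into guest memory regardless of the length the caller passed, so a guest that supplies a smaller buffer has the bytes after it overwritten. Save the caller's length before the host call, `auto caller_addrlen = addrlen;`, and bound the copy with it, `mmu().copy_to_vm((FlatPtr)params.addr, &addr, caller_addrlen);`; the existing VERIFY already keeps that value within `addr`. Separately, `VERIFY(addrlen <= sizeof(addr))` lets an emulated program abort the emulator simply by passing a larger length, and clamping the value to `sizeof(addr)` instead would keep an oversized but otherwise valid buffer working. Both function bodies end outside the hunks shown.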