Rishi Khan wrote way back on 2008-05-10:
in lwip_accept (in sockets.c) there is this code:
memset(&sin, 0, sizeof(sin));
sin.sin_len = sizeof(sin);
sin.sin_family = AF_INET;
sin.sin_port = htons(port);
sin.sin_addr.s_addr = naddr.addr;
if (*addrlen > sizeof(sin))
*addrlen = sizeof(sin);
SMEMCPY(addr, &sin, *addrlen);
When addrlen and or addr are NULL, this code crashes. Most BSD and
linux
implementations allow it to be NULL. Could/should we change this
code to
be enclosed in:
if (addr != NULL)
{
...
}
Thoughts?
POSIX allows addr to be NULL, so we should indeed check this. It
doesn't
require us to check addrlen is NULL - it's implied if addr is non-
NULL then
the programmer should be ensuring addrlen isn't either. I've added an
assert check for that.
Checked in.
Jifl
Index: CHANGELOG
===================================================================
RCS file: /sources/lwip/lwip/CHANGELOG,v
retrieving revision 1.320
retrieving revision 1.321
diff -u -5 -p -r1.320 -r1.321
--- CHANGELOG 30 Sep 2008 13:50:39 -0000 1.320
+++ CHANGELOG 30 Sep 2008 14:51:27 -0000 1.321
@@ -46,10 +46,14 @@ HISTORY
++ Bugfixes:
2008-09-30 Jonathan Larmour
+ * sockets.c (lwip_accept): check addr isn't NULL. If it's valid,
do an
+ assertion check that addrlen isn't NULL.
+
+ 2008-09-30 Jonathan Larmour
* tcp.c: Fix bug #24227, wrong error message in tcp_bind.
2008-08-26 Simon Goldschmidt
* inet.h, ip_addr.h: fixed bug #24132: Cross-dependency between
ip_addr.h and
inet.h -> moved declaration of struct in_addr from ip_addr.h
to inet.h
Index: src/api/sockets.c
===================================================================
RCS file: /sources/lwip/lwip/src/api/sockets.c,v
retrieving revision 1.117
retrieving revision 1.118
diff -u -5 -p -r1.117 -r1.118
--- src/api/sockets.c 9 May 2008 12:14:24 -0000 1.117
+++ src/api/sockets.c 30 Sep 2008 14:51:27 -0000 1.118
@@ -271,20 +271,26 @@ lwip_accept(int s, struct sockaddr *addr
netconn_delete(newconn);
sock_set_errno(sock, err_to_errno(err));
return -1;
}
- memset(&sin, 0, sizeof(sin));
- sin.sin_len = sizeof(sin);
- sin.sin_family = AF_INET;
- sin.sin_port = htons(port);
- sin.sin_addr.s_addr = naddr.addr;
+ /* Note that POSIX only requires us to check addr is non-NULL.
addrlen must
+ * not be NULL if addr is valid.
+ */
+ if (NULL != addr) {
+ LWIP_ASSERT("addr valid but addrlen NULL", addrlen != NULL);
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_len = sizeof(sin);
+ sin.sin_family = AF_INET;
+ sin.sin_port = htons(port);
+ sin.sin_addr.s_addr = naddr.addr;
- if (*addrlen > sizeof(sin))
- *addrlen = sizeof(sin);
+ if (*addrlen > sizeof(sin))
+ *addrlen = sizeof(sin);
- SMEMCPY(addr, &sin, *addrlen);
+ SMEMCPY(addr, &sin, *addrlen);
+ }
newsock = alloc_socket(newconn);
if (newsock == -1) {
netconn_delete(newconn);
sock_set_errno(sock, ENFILE);
--
eCosCentric Limited http://www.eCosCentric.com/ The eCos
experts
Barnwell House, Barnwell Drive, Cambridge, UK. Tel: +44 1223
245571
Registered in England and Wales: Reg No 4422071.
------["Si fractum non sit, noli id reficere"]------
Opinions==mine
Visit us on stand 905 at the Embedded Systems Show 2008 <<<<
Oct 1-2, NEC, Birmingham, UK http://www.embedded.co.uk <<<<
_______________________________________________
lwip-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/lwip-users