Mercurial > dovecot > core-2.2

diff src/lib/network.c @ 12138:e403f4dc95ea
Make sure no data is leaked across processes via struct ip_addr fields.
author: Timo Sirainen <tss@iki.fi>
date: Mon, 20 Sep 2010 18:19:53 +0100
parents: 10c4c9d5fb5b
children: cde0d403c6ff
--- a/src/lib/network.c	Mon Sep 20 17:50:29 2010 +0100
+++ b/src/lib/network.c	Mon Sep 20 18:19:53 2010 +0100
@@ -99,6 +99,10 @@
 static inline void
 sin_get_ip(const union sockaddr_union *so, struct ip_addr *ip)
 {
+	/* IP structs may be sent across processes. Clear the whole struct
+	   first to make sure it won't leak any data across processes. */
+	memset(ip, 0, sizeof(*ip));
+
 	ip->family = so->sin.sin_family;
 
 #ifdef HAVE_IPV6
@@ -505,7 +509,8 @@
 			return -2;
 	}
 	if (so.sin.sin_family == AF_UNIX) {
-		if (addr != NULL) addr->family = 0;
+		if (addr != NULL)
+			memset(addr, 0, sizeof(*addr));
 		if (port != NULL) *port = 0;
 	} else {
 		if (addr != NULL) sin_get_ip(&so, addr);
@@ -634,7 +639,8 @@
 	if (getsockname(fd, &so.sa, &addrlen) == -1)
 		return -1;
 	if (so.sin.sin_family == AF_UNIX) {
-		if (addr != NULL) addr->family = 0;
+		if (addr != NULL)
+			memset(addr, 0, sizeof(*addr));
 		if (port != NULL) *port = 0;
 	} else {
 		if (addr != NULL) sin_get_ip(&so, addr);
@@ -654,7 +660,8 @@
 	if (getpeername(fd, &so.sa, &addrlen) == -1)
 		return -1;
 	if (so.sin.sin_family == AF_UNIX) {
-		if (addr != NULL) addr->family = 0;
+		if (addr != NULL)
+			memset(addr, 0, sizeof(*addr));
 		if (port != NULL) *port = 0;
 	} else {
 		if (addr != NULL) sin_get_ip(&so, addr);