Mercurial > dovecot > core-2.2
changeset 1794:e1a7e38c17ed HEAD
Put the msg/cmsg checks in CHECK_MSG() and CHECK_CMSG() macros. Add support
for Linux 2.0 kernels by checking if LINUX20 is defined.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 03 Oct 2003 18:02:47 +0300 |
parents | 82e19ad18784 |
children | e48b49aaeffc |
files | src/lib/fdpass.c |
diffstat | 1 files changed, 19 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib/fdpass.c Fri Oct 03 17:50:48 2003 +0300 +++ b/src/lib/fdpass.c Fri Oct 03 18:02:47 2003 +0300 @@ -78,6 +78,22 @@ return sendmsg(handle, &msg, 0); } +#ifdef __osf__ +# define CHECK_MSG(msg) TRUE /* Tru64 */ +#else +# define CHECK_MSG(msg) (msg).msg_controllen >= CMSG_SPACE(sizeof(int)) +#endif + +#ifdef LINUX20 +/* Linux 2.0.x doesn't set any cmsg fields. Note that this might make some + attacks possible so don't do it unless you really have to. */ +# define CHECK_CMSG(cmsg) ((cmsg) != NULL) +#else +# define CHECK_CMSG(cmsg) \ + ((cmsg) != NULL && (cmsg)->cmsg_len >= CMSG_LEN(sizeof(int)) && \ + (cmsg)->cmsg_level == SOL_SOCKET && (cmsg)->cmsg_type == SCM_RIGHTS) +#endif + ssize_t fd_read(int handle, void *data, size_t size, int *fd) { struct msghdr msg; @@ -109,17 +125,10 @@ /* at least one byte transferred - we should have the fd now. do extra checks to make sure it really is an fd that is being transferred to avoid potential DoS conditions. some systems don't - set all these values correctly however: - - Linux 2.0.x - cmsg_len, cmsg_level, cmsg_type are not set - Tru64 - msg_controllen isn't set */ + set all these values correctly however so CHECK_MSG() and + CHECK_CMSG() are somewhat system dependent */ cmsg = CMSG_FIRSTHDR(&msg); - if ( -#ifndef __osf__ /* Tru64 */ - msg.msg_controllen < CMSG_SPACE(sizeof(int)) || -#endif - cmsg == NULL || cmsg->cmsg_len < CMSG_LEN(sizeof(int)) || - cmsg->cmsg_level != SOL_SOCKET || cmsg->cmsg_type != SCM_RIGHTS) + if (!CHECK_MSG(msg) || !CHECK_CMSG(cmsg)) *fd = -1; else *fd = *((int *) CMSG_DATA(cmsg));