Print this page
8429 getallifaddrs dereferences invalid pointer causing SIGSEGV
Reviewed by: Sebastian Wiedenroth <sw@core.io>
Reviewed by: Yuri Pankov <yuripv@gmx.com>
Reviewed by: Toomas Soome <tsoome@me.com>
*** 19,28 ****
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2017 RackTop Systems.
*/
#include <netdb.h>
#include <nss_dbdefs.h>
#include <netinet/in.h>
*** 100,109 ****
--- 101,118 ----
sa_family_t lifr_af;
int sock4;
int sock6;
int err;
+ /*
+ * Initialize ifap to NULL so we can safely call freeifaddrs
+ * on it in case of error.
+ */
+ if (ifap == NULL)
+ return (EINVAL);
+ *ifap = NULL;
+
if ((sock4 = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
return (-1);
if ((sock6 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) {
err = errno;
close(sock4);
*** 121,131 ****
* Loop through the interfaces obtained from SIOCGLIFCOMF
* and retrieve the addresses, netmask and flags.
*/
prev = NULL;
lifrp = buf;
- *ifap = NULL;
for (n = 0; n < numifs; n++, lifrp++) {
/* Prepare for the ioctl call */
(void) strncpy(lifrl.lifr_name, lifrp->lifr_name,
sizeof (lifrl.lifr_name));
--- 130,139 ----