illumos-gate Udiff usr/src/lib/libsocket/inet/getifaddrs.c

Print this page

8429 getallifaddrs dereferences invalid pointer causing SIGSEGV
Reviewed by: Sebastian Wiedenroth <sw@core.io>
Reviewed by: Yuri Pankov <yuripv@gmx.com>
Reviewed by: Toomas Soome <tsoome@me.com>

@@ -19,10 +19,11 @@
  * CDDL HEADER END
  */
 
 /*
  * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2017 RackTop Systems.
  */
 
 #include <netdb.h>
 #include <nss_dbdefs.h>
 #include <netinet/in.h>

@@ -100,10 +101,18 @@
         sa_family_t lifr_af;
         int sock4;
         int sock6;
         int err;
 
+        /*
+         * Initialize ifap to NULL so we can safely call freeifaddrs
+         * on it in case of error.
+         */
+        if (ifap == NULL)
+                return (EINVAL);
+        *ifap = NULL;
+
         if ((sock4 = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
                 return (-1);
         if ((sock6 = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) {
                 err = errno;
                 close(sock4);

@@ -121,11 +130,10 @@
          * Loop through the interfaces obtained from SIOCGLIFCOMF
          * and retrieve the addresses, netmask and flags.
          */
         prev = NULL;
         lifrp = buf;
-        *ifap = NULL;
         for (n = 0; n < numifs; n++, lifrp++) {
 
                 /* Prepare for the ioctl call */
                 (void) strncpy(lifrl.lifr_name, lifrp->lifr_name,
                     sizeof (lifrl.lifr_name));