diff options
| author | csjp <csjp@FreeBSD.org> | 2004-05-10 15:07:23 +0000 |
|---|---|---|
| committer | csjp <csjp@FreeBSD.org> | 2004-05-10 15:07:23 +0000 |
| commit | 3cc360e7bb13bbf6a91389479e2d16f60aa0667e (patch) | |
| tree | 14c8e3598a7376ca19cb4a9b69ca8a68f23fdc39 | |
| parent | b0cb92151500fc3df6bf506441ec94d5d2eb2eb7 (diff) | |
| download | FreeBSD-src-3cc360e7bb13bbf6a91389479e2d16f60aa0667e.zip FreeBSD-src-3cc360e7bb13bbf6a91389479e2d16f60aa0667e.tar.gz | |
Zero the un-used portions of the struct sockaddr data before sending
it back to userspace, so it does not break bind(2) on raw sockets in jails.
Currently some processes, like traceroute(8) construct a routing request
to determine its source address based on the destination. This sockaddr
data is fed directly to bind(2). When bind calls ifa_ifwithaddr(9) to
make sure the address exists on the interface, the comparison will
fail causing bind(2) to return EADDRNOTAVAIL if the data wasnt zero'ed
before initialization.
Approved by: bmilekic (mentor)
| -rw-r--r-- | sys/net/rtsock.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 002432b..d5e1abe 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -404,6 +404,7 @@ route_output(struct mbuf *m, struct socket *so) info.rti_info[RTAX_IFP] = ifaddr_byindex(ifp->if_index)->ifa_addr; if (jailed(so->so_cred)) { + memset(&jail, 0, sizeof(jail)); jail.sin_family = PF_INET; jail.sin_len = sizeof(jail); jail.sin_addr.s_addr = |
