diff options
| author | dillon <dillon@FreeBSD.org> | 1998-12-14 02:25:32 +0000 |
|---|---|---|
| committer | dillon <dillon@FreeBSD.org> | 1998-12-14 02:25:32 +0000 |
| commit | 14901c04b79cb17c3c64e0f387e5bf232548c4f1 (patch) | |
| tree | 944aea4f0c97efa78bd8751707f0852d6ebb930b /lib/libalias/alias.c | |
| parent | 95f78d45621446ffbafb1a53dc3294659c10152a (diff) | |
| download | FreeBSD-src-14901c04b79cb17c3c64e0f387e5bf232548c4f1.zip FreeBSD-src-14901c04b79cb17c3c64e0f387e5bf232548c4f1.tar.gz | |
Reviewed by: freebsd-current
Add bounds checking to netbios NS packet resolving code. This should
prevent natd from crashing on badly formed netbios packets (as might be
heard when the machine is sitting on a cable modem or certain DSL
networks), and also closes potential security holes that might have
exploited the lack of bounds checking in the previous version of the
code.
Diffstat (limited to 'lib/libalias/alias.c')
| -rw-r--r-- | lib/libalias/alias.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/lib/libalias/alias.c b/lib/libalias/alias.c index 48a852a..50e597f 100644 --- a/lib/libalias/alias.c +++ b/lib/libalias/alias.c @@ -73,6 +73,9 @@ - Eliminated PacketAliasIn2() and PacketAliasOut2() as poorly conceived. + Version 2.3 Dec 1998 (dillon) + - Major bounds checking additions, see FreeBSD/CVS + See HISTORY file for additional revisions. */ @@ -603,6 +606,7 @@ UdpAliasIn(struct ip *pip) u_short alias_port; int accumulate; u_short *sptr; + int r = 0; alias_address = GetAliasAddress(link); original_address = GetOriginalAddress(link); @@ -613,11 +617,11 @@ UdpAliasIn(struct ip *pip) if (ntohs(ud->uh_dport) == NETBIOS_DGM_PORT_NUMBER || ntohs(ud->uh_sport) == NETBIOS_DGM_PORT_NUMBER ) { - AliasHandleUdpNbt(pip, link, &original_address, ud->uh_dport); + r = AliasHandleUdpNbt(pip, link, &original_address, ud->uh_dport); } else if (ntohs(ud->uh_dport) == NETBIOS_NS_PORT_NUMBER || ntohs(ud->uh_sport) == NETBIOS_NS_PORT_NUMBER ) { - AliasHandleUdpNbtNS(pip, link, + r = AliasHandleUdpNbtNS(pip, link, &alias_address, &alias_port, &original_address, @@ -648,7 +652,14 @@ UdpAliasIn(struct ip *pip) (u_short *) &pip->ip_dst, 2); pip->ip_dst = original_address; - return(PKT_ALIAS_OK); + + /* + * If we cannot figure out the packet, ignore it. + */ + if (r < 0) + return(PKT_ALIAS_IGNORED); + else + return(PKT_ALIAS_OK); } return(PKT_ALIAS_IGNORED); } |
