diff options
author | Olaf Hering <olaf@aepfle.de> | 2012-05-31 16:40:06 +0200 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2012-07-04 05:44:05 +0100 |
commit | 10682d24d003b44cc4dac217047d26f9b210a514 (patch) | |
tree | 6b95c3ccd074a3f56375c1967687c6dc45e47e69 /tools | |
parent | f3853ace1a3eeb934ab739704285a20598ef0644 (diff) | |
download | kernel-common-10682d24d003b44cc4dac217047d26f9b210a514.tar.gz kernel-common-10682d24d003b44cc4dac217047d26f9b210a514.tar.bz2 kernel-common-10682d24d003b44cc4dac217047d26f9b210a514.zip |
Tools: hv: verify origin of netlink connector message
commit bcc2c9c3fff859e0eb019fe6fec26f9b8eba795c upstream.
The SuSE security team suggested to use recvfrom instead of recv to be
certain that the connector message is originated from kernel.
CVE-2012-2669
Signed-off-by: Olaf Hering <olaf@aepfle.de>
Signed-off-by: Marcus Meissner <meissner@suse.de>
Signed-off-by: Sebastian Krahmer <krahmer@suse.de>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Diffstat (limited to 'tools')
-rw-r--r-- | tools/hv/hv_kvp_daemon.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index 11224eddcdc2..323d4d9874c2 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -384,14 +384,18 @@ int main(void) pfd.fd = fd; while (1) { + struct sockaddr *addr_p = (struct sockaddr *) &addr; + socklen_t addr_l = sizeof(addr); pfd.events = POLLIN; pfd.revents = 0; poll(&pfd, 1, -1); - len = recv(fd, kvp_recv_buffer, sizeof(kvp_recv_buffer), 0); + len = recvfrom(fd, kvp_recv_buffer, sizeof(kvp_recv_buffer), 0, + addr_p, &addr_l); - if (len < 0) { - syslog(LOG_ERR, "recv failed; error:%d", len); + if (len < 0 || addr.nl_pid) { + syslog(LOG_ERR, "recvfrom failed; pid:%u error:%d %s", + addr.nl_pid, errno, strerror(errno)); close(fd); return -1; } |