Commit Graph

379 Commits

Author SHA1 Message Date
Xin LI
94c5b2d124 Revert r300385 and r300624 which were false positives
reported by cppcheck.

dup_ncp() tries to allocate a buffer of MAXNETCONFIGLINE
as tmp, which is then assigned to p->nc_netid via strcpy,
so the free(p->nc_netid) would have correctly released
the memory in case nc_lookups() fails, therefore, the
alleged leak never existed.

MFC after:	3 days
2017-06-30 07:04:10 +00:00
Xin LI
091867a611 Fix use-after-free introduced in r300388.
In r300388, endnetconfig() was called on nc_handle which would release
the associated netconfig structure, which means tmpnconf->nc_netid
would be a use-after-free.

Solve this by doing endnetconfig() in return paths instead.

Reported by:	jemalloc via kevlo
Reviewed by:	cem, ngie (earlier version)
MFC after:	3 days
Differential Revision:    https://reviews.freebsd.org/D11288
2017-06-22 05:10:16 +00:00
Xin LI
6448ec89e7 * limit size of buffers to RPC_MAXDATASIZE
* don't leak memory
* be more picky about bad parameters

From:

https://raw.githubusercontent.com/guidovranken/rpcbomb/master/libtirpc_patch.txt
https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt

via NetBSD.

Reviewed by:	emaste, cem (earlier version)
Differential Revision:	https://reviews.freebsd.org/D10922
MFC after:	3 days
2017-06-01 06:12:25 +00:00
Brooks Davis
efa2501ed6 Support clnt_raw's use of FD_SETSIZE as a fake file descriptor.
Accomplish this by allocating space for it in __svc_xports and allowing
it to be registered.  The failure to allocate space was causing an
out-of-bounds read in svc_getreq_common().  The failure to register
caused PR 211804.

The bug was found with CHERI bounds checking.

PR:		211804
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Reviewed by:	ngie
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D10528
2017-05-01 20:04:07 +00:00
Pedro F. Giffuni
9f36610f9e libc: provide some bounds-checking through reallocarray(3).
reallocarray(3) is a non portable extension that originated in OpenBSD.
Given that it is already in FreeBSD's libc it is useful for the cases
where reallocation involves a multiplication.

MFC after:		2 weeks
Differential Revision:	https://reviews.freebsd.org/D9955
2017-03-12 16:03:34 +00:00
Pedro F. Giffuni
8e60fa95cb libc/rpc: replace comma with semicolon when pertinent.
Uses of commas instead of semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.

Detected with devel/coccinelle following a hint from DragonFlyBSD.

MFC after:	1 month
2016-08-09 19:20:53 +00:00
Bryan Drewery
77c7a21036 Use on crypto.x and rpc.x from the source tree.
This fixes the build when DESTDIR may be blank or not yet populated.
It also fixes reproducibility.

Submitted by:	brooks
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D6455
2016-06-28 19:53:16 +00:00
Pedro F. Giffuni
478eb9e9ca libc/rpc: Make use of some xdr_* macros. (part 2)
xdr_rpcproc, xdr_rpcprog and xdr_rpcvers were broken in older
versions of FreeBSD but fixed in r296394.  Give them some use
hoping they help make the code somewhat more readable.
2016-06-09 22:18:25 +00:00
Pedro F. Giffuni
ea21823d9f libc/rpc: Make use of some xdr_* macros.
xdr_rpcprog and xdr_rpcvers were broken in older versions of FreeBSD
but were fixed in r296394. Give them some use hoping they help make
the code somewhat more readable.
2016-06-09 19:44:47 +00:00
Kevin Lo
88609a6a7a Fix the rpcb_getaddr() definition to match its declaration.
Submitted by:	Sebastian Huber <sebastian dot huber at embedded-brains dot de>
2016-06-09 14:33:00 +00:00
Enji Cooper
3304ba9d70 Test for strchr(3) returning NULL, not 0
MFC after: 3 days
Reported by: coccinelle
Sponsored by: EMC / Isilon Storage Division
2016-06-08 23:17:30 +00:00
Enji Cooper
8f5cc69027 Fix up r300385
I accidentally glossed over the fact that tmp is manipulated via strchr, so
if we tried to free `tmp` after r300385, it would have crashed.

Create a separate pointer (tmp2) to track the original allocation of `tmp`,
and free `tmp2` if `p->nc_lookups` can't be malloced

MFC after: 4 days
X-MFC with: r300385
Reported by: Coverity
CID: 1356026
Sponsored by: EMC / Isilon Storage Division
2016-05-24 19:52:05 +00:00
Enji Cooper
3c048026b5 Remove redundant NULLing of outbuf_pmap
If reallocf ever failed, outbuf_pmap would already be NULL

MFC after: 1 week
X-MFC with: r300620
Reported by: cem
Sponsored by: EMC / Isilon Storage Division
2016-05-24 18:53:06 +00:00
Enji Cooper
75cd48a1c1 Use reallocf instead of malloc to fix leak with outbuf_pmap
The previous code overwrote outbuf_pmap's memory with malloc once per
loop iteration, which leaked its memory; use reallocf instead to ensure
that memory is properly free'd each loop iteration.

Add an outbuf_pmap = NULL in the failure case to avoid a double-free
at the bottom of the function.

Differential Revision: https://reviews.freebsd.org/D6495
MFC after: 1 week
Reported by: Coverity
CID: 1038776
Reviewed by: markj, pfgj
Sponsored by: EMC / Isilon Storage Division
2016-05-24 18:44:50 +00:00
Enji Cooper
f1209420eb nis_rpcent: don't leak resultbuf from yp_first(..)/yp_next(..)
If the buffer couldn't be adequately resized to accommodate an additional "\n",
it would leak resultbuf by breaking from the loop early

MFC after: 2 weeks
Reported by: Coverity
CID: 1016702
Sponsored by: EMC / Isilon Storage Division
2016-05-22 03:05:27 +00:00
Enji Cooper
b70cb0694b Call endnetconfig on nc_handle sooner to avoid leaking nc_handle if tmpnconf
was NULL

This would theoretically happen if the netconfig protocol family and protocol
semantics were never matched.

MFC after: 2 weeks
Reported by: Coverity
CID: 978179
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:53:11 +00:00
Enji Cooper
99d498608a getnetid(..): consistently fclose fd at the end of the function
This mutes a false positive with cppcheck, but also helps eliminate future
potential issues with this variable

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:24:38 +00:00
Enji Cooper
3552a02626 Don't leak handle if svc_tp_create(..) succeeds and allocating a new
struct xlist object fails

MFC after: 1 week
Reported by: Coverity
CID: 978277
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:02:18 +00:00
Enji Cooper
9c11e6b093 Don't leak tmp if p->nc_lookups can't be malloced
MFC after: 1 week
Reported by: cppcheck
Sponsored by: EMC / Isilon Storage Division
2016-05-22 01:45:15 +00:00
Pedro F. Giffuni
32223c1b7d libc: spelling fixes.
Mostly on comments.
2016-04-30 01:24:24 +00:00
Andriy Voskoboinyk
2cf5e9365d libc: do not include <sys/types.h> where <sys/param.h> was already included
According to style(9):
> normally, include <sys/types.h> OR <sys/param.h>, but not both.
(<sys/param.h> already includes <sys/types.h> when LOCORE is not defined).
2016-04-18 21:05:15 +00:00
Pedro F. Giffuni
341f552d8c libc: cleanup unnecessary semicolons (part 2).
Found with devel/coccinelle.
2016-04-11 18:09:38 +00:00
Pedro F. Giffuni
513004a23d libc: replace 0 with NULL for pointers.
While here also cleanup some surrounding code; particularly
drop some malloc() casts.

Found with devel/coccinelle.

Reviewed by:	bde (previous version - all new bugs are mine)
2016-04-10 19:33:58 +00:00
Pedro F. Giffuni
09426b3d88 Stray tabs and spaces.
No functional change.
2016-03-05 01:17:23 +00:00
Pedro F. Giffuni
ef2c4fae74 Work around aliasing issues detected in modern GCC.
Avoid casting gymnastics that lead to pointer aliasing by introducing an
inline function as done in NetBSD (but without #if0'd WIP code).

Obtained from:	NetBSD (CVS Rev. 1.24, 1.25)
2016-03-04 15:30:41 +00:00
Pedro F. Giffuni
283970e873 RPC: update the getrpcbyname() definition to include a const qualifier.
Add const qualifier making getrpcbyname() and getrpcbyname_r()
prototypes match those used in latest Sun RPC code (TI-RPC 2.3).

Obtained from:	NetBSD
2016-02-26 23:25:21 +00:00
Pedro F. Giffuni
a6221f7b51 rpc: fix failure to clear string by passing the wrong size to memset.
Noted by NetBSD's PR/21014

Obtained from:	NetBSD (CVS Rev. 1.24, 1.25)
MFC after:	1 month
2016-02-26 14:39:39 +00:00
Enji Cooper
c16d674c2d Fix a mismerge from NetBSD in r162194 with xdr_rpcb_entry_list_ptr(..)
This fixes the potential NULL pointer dereference properly, and also fixes
memory leaks encountered in the process of iterating through `*rp`.

MFC after: 1 week
Found by: Valgrind
Reported by: Dan Roberts <dan.roberts@isilon.com>
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Sponsored by: EMC / Isilon Storage Division
2016-01-12 00:20:57 +00:00
Enji Cooper
7f3159edc5 Similar to r293704, fix theoretical leak of netconfig(3) resources in
__rpcbind_is_up(..) if getnetconfig(3) is partly successful in allocating
resources, but not completely successful by moving the endnetconfig(3) call
up before we return from the function if nconf == NULL.

MFC after: 1 week
Reported by: Coverity
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Sponsored by: EMC / Isilon Storage Division
2016-01-11 22:01:33 +00:00
Enji Cooper
d140ec33c7 Fix theoretical leak of netconfig(3) resources in svcunix_create(..)
In the event that the getconfig(3) call in svcunix_create is partly successful,
some of the netconfig(3) resources allocated might be leaked if the call returns
NULL as endnetconfig(3) wasn't called explicitly in that case. Ensure that the
resources are fully cleaned up by going to the `done` label, which will call
endnetconfig(3) for us.

MFC after: 1 week
Reported by: Coverity
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Sponsored by: EMC / Isilon Storage Division
2016-01-11 21:56:53 +00:00
Stanislav Sedov
5eff94ee56 RPC: populate local address for rendezvous transporter.
When accepting a connection on underlying tcp socket rpc vc
transporter fails to populate local address.  This change rectifies
this problem by modifying rendezvous_request() to fill out the xptr
structure member with appropriate information.

Submitted by:	Alex Burlyga <alex.burlyga.ietf@gmail.com>
MFC after:	2 weeks
Differential Revision: https://reviews.freebsd.org/D4206
2015-12-10 05:17:04 +00:00
Enji Cooper
c7f7fdd28b Remove unnecessary if (x) tests before calling free(x); free(3)
already employs this check

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2015-11-02 01:22:06 +00:00
Craig Rodrigues
6790313541 Use proper function prototypes.
Eliminates -Wstrict-prototypes warning
2015-10-07 19:55:58 +00:00
Craig Rodrigues
587cf6827d Use ANSI C prototypes. Eliminates -Wold-style-definition warnings.
2015-09-22 15:40:07 +00:00
Craig Rodrigues
193d994d2d Use ANSI C prototypes.
Eliminates gcc 4.9 warnings.
2015-09-20 04:23:16 +00:00
Craig Rodrigues
5dfef00190 Use unsigned variable.
Eliminates gcc 4.9 compiler warning.
2015-09-01 09:22:24 +00:00
Craig Rodrigues
7760154342 Use ANSI C prototypes.
Eliminates gcc 4.9 warnings.
2015-09-01 08:34:44 +00:00
Craig Rodrigues
929d5af546 Use correct function prototype for signal handler.
Eliminates gcc 4.9 warning.
2015-09-01 07:33:36 +00:00
Craig Rodrigues
a7c2cd38d4 Use ANSI C prototypes.
Eliminates gcc 4.9 warnings.
2015-09-01 07:32:03 +00:00
Craig Rodrigues
084bc321f2 Mark unused parameters to reduce gcc 4.9 warnings.
2015-09-01 02:42:05 +00:00
Craig Rodrigues
68895e384f Use ANSI C prototypes.
Eliminates gcc 4.9 warnings.
2015-09-01 02:39:07 +00:00
Baptiste Daroussin
583110b719 mdoc: fix functions declarations
2015-04-26 10:53:50 +00:00
Pedro F. Giffuni
2b1474fdde libc: clean some set-but-not-used errors.
These were found by gcc 5.0 on Dragonfly BSD, however I
made no attempt to silence the false positives.

Obtained from:	DragonFly (cf515c3a6f3a8964ad592e524442bc628f8ed63b)
2015-02-18 03:33:17 +00:00
Pedro F. Giffuni
e742fdff32 rpc: Uninitialized pointer read
Initialize *xprt to avoid exposing a random value
in cleanup_svc_vc_create.

CID:		1018723
Phabric:	D1749
Reviewed by:	alfred
2015-02-02 00:21:34 +00:00
Pedro F. Giffuni
81cb3b156b Resource leak
CID:	1016703
Reviewed by:	alfred
2015-02-01 23:19:06 +00:00
Joel Dahl
4990a1c050 mdoc: improvements to SEE ALSO.
2014-12-27 08:31:52 +00:00
Brooks Davis
e7254647bf Remove an unused variable that would be better spelled __func__.
Sponsored by:	DARPA, AFRL
2014-10-24 23:24:47 +00:00
Christian Brueffer
1a2ac459a9 Properly free resources in case of error.
CID:		1007032
Found with:	Coverity Prevent(tm)
MFC after:	2 weeks
2014-05-02 20:41:09 +00:00
David Chisnall
635d1cf108 Move definitions out of rpc_com so that the linker doesn't complain about
multiple definitions.

Reported by:	sbruno
2014-04-06 17:06:27 +00:00
Marcel Moolenaar
8876613dc5 Replace use of ${.CURDIR} by ${LIBC_SRCTOP} and define ${LIBC_SRCTOP}
if not already defined. This allows building libc from outside of
lib/libc using a reach-over makefile.

A typical use-case is to build a standard ILP32 version and a COMPAT32
version in a single iteration by building the COMPAT32 version using a
reach-over makefile.

Obtained from:	Juniper Networks, Inc.
2014-03-04 02:19:39 +00:00