d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Audit sockaddr argument for bind(2), connect(2), accept(2), sendto(2) and

Browse Source 
recvfrom(2) syscalls.

Sponsored by:	The FreeBSD Foundation
This commit is contained in:
Pawel Jakub Dawidek 2013-02-07 00:36:00 +00:00
parent 82b316b377
commit fbda3d5dae
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sys/kern/uipc_syscalls.c
View File

@ -238,6 +238,7 @@ kern_bind(td, fd, sa)
int error;
AUDIT_ARG_FD(fd);
AUDIT_ARG_SOCKADDR(td, sa);
error = getsock_cap(td->td_proc->p_fd, fd, CAP_BIND, &fp, NULL);
if (error)
return (error);
@ -452,6 +453,7 @@ kern_accept(struct thread *td, int s, struct sockaddr **name,
*namelen = 0;
goto done;
}
AUDIT_ARG_SOCKADDR(td, sa);
if (name) {
/* check sa_len before it is destroyed */
if (*namelen > sa->sa_len)
@ -547,6 +549,7 @@ kern_connect(td, fd, sa)
int interrupted = 0;
AUDIT_ARG_FD(fd);
AUDIT_ARG_SOCKADDR(td, sa);
error = getsock_cap(td->td_proc->p_fd, fd, CAP_CONNECT, &fp, NULL);
if (error)
return (error);
@ -763,8 +766,10 @@ kern_sendit(td, s, mp, flags, control, segflg)
AUDIT_ARG_FD(s);
rights = CAP_WRITE;
if (mp->msg_name != NULL)
if (mp->msg_name != NULL) {
AUDIT_ARG_SOCKADDR(td, mp->msg_name);
rights |= CAP_CONNECT;
}
error = getsock_cap(td->td_proc->p_fd, s, rights, &fp, NULL);
if (error)
return (error);
@ -1009,6 +1014,8 @@ kern_recvit(td, s, mp, fromseg, controlp)
error == EINTR || error == EWOULDBLOCK))
error = 0;
}
if (fromsa != NULL)
AUDIT_ARG_SOCKADDR(td, fromsa);
#ifdef KTRACE
if (ktruio != NULL) {
ktruio->uio_resid = len - auio.uio_resid;