Mailing-List: contact cygwin-developers-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-developers-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin-developers AT sources DOT redhat DOT com
Date: Sat, 24 Nov 2001 16:39:14 -0500
From: Christopher Faylor <cgf AT redhat DOT com>
To: cygwin-developers AT cygwin DOT com
Subject: Re: Added some defensive code to net/socket functions
Message-ID: <20011124213914.GA9553@redhat.com>
Reply-To: cygwin-developers AT cygwin DOT com
Mail-Followup-To: cygwin-developers AT cygwin DOT com
References: <20011124031835 DOT GA22045 AT redhat DOT com> <20011124221357 DOT D14975 AT cygbert DOT vinschen DOT de> <20011124212645 DOT GA9292 AT redhat DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20011124212645.GA9292@redhat.com>
User-Agent: Mutt/1.3.23.1i

On Sat, Nov 24, 2001 at 04:26:45PM -0500, Christopher Faylor wrote:
>On Sat, Nov 24, 2001 at 10:13:57PM +0100, Corinna Vinschen wrote:
>>On Fri, Nov 23, 2001 at 10:18:35PM -0500, Christopher Faylor wrote:
>>> As I was in the process of adding the fd protection code that was just
>>> mentioned in the cygwin mailing list, I decided to add the normal buffer
>>> checking defensive code to most of the net/socket functions.  I've
>>> verified that sshd, inetd, and telnetd still work, but I'd appreciate it
>>> if I could get some assurance that I haven't broken anything else.
>>> 
>>> The checking in net.cc was a lot trickier than I had anticipated so
>>> I could easily have gotten something wrong.
>>> 
>>> If someone could verify my changes, it would be great.
>>
>>They look ok except for one in cygwin_inet_network() which I've just
>>changed.
>>
>>I have added the missing checks except for cygwin_rcmd() and
>>cygwin_rexec().  They both have a so weird usage of the pointered
>>parameters.  Hmm, I could add stuff at least partly.
>
>herror, does something special when it's parameter is NULL, though.
>I don't think a parameter check is appropriate here.  linux actually
>gets a SEGV when you pass herror an invalid parameter.

Thanks for finishing these up, btw.  I didn't even know where to start with
some of them.

cgf