Bug 172523 - rpc.lockd(8): Check value of res->ai_family
Summary: rpc.lockd(8): Check value of res->ai_family
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: Unspecified
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-10-09 23:30 UTC by Erik Cederstrand
Modified: 2025-03-16 04:48 UTC (History)
1 user (show)

See Also:

Attachments
file.diff (502 bytes, patch)
2012-10-09 23:30 UTC, Erik Cederstrand 		no flags Details | Diff
lockd.diff (488 bytes, patch)
2025-03-16 04:47 UTC, Mark Linimon 		no flags Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Erik Cederstrand 2012-10-09 23:30:06 UTC 
Found with Clang Static Analyzer: http://scan.freebsd.your.org/freebsd-head/WORLD/2012-10-07-amd64/report-Ap4YNc.html#EndPath

Similar to the create_service() function, lookup_addresses() should fail if the value of res->ai_family is neither AF_INET of AF_INET6.

The base type for res->ai_family is int, so there is no constraint that the value is with AF_INET or AF_INET6.

Fix: See attached patch. Instead of "break;" in the default switch, fail like create_service() function does.

Patch attached with submission follows:
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:01:22 UTC 
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped
Comment 2 Graham Perrin freebsd_committer freebsd_triage 2022-10-17 12:34:45 UTC 
Keyword: 

    patch
or  patch-ready

– in lieu of summary line prefix: 

    [patch]

* bulk change for the keyword
* summary lines may be edited manually (not in bulk). 

Keyword descriptions and search interface: 

    <https://bugs.freebsd.org/bugzilla/describekeywords.cgi>
Comment 3 Mark Linimon freebsd_committer freebsd_triage 2025-03-16 04:47:26 UTC 
Created attachment 258713 [details]
lockd.diff

^Triage: rebase patch.
Comment 4 Mark Linimon freebsd_committer freebsd_triage 2025-03-16 04:48:31 UTC 
(In reply to Mark Linimon from comment #3)
Note the that rebase was insufficient.