Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Jan 2009 01:10:02 GMT
From:      "Li yonggang" <leeygang@gmail.com>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/130300: netstat crash when params is incorrect
Message-ID:  <200901130110.n0D1A25N039358@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The following reply was made to PR bin/130300; it has been noted by GNATS.

From: "Li yonggang" <leeygang@gmail.com>
To: "Ruslan Ermilov" <ru@freebsd.org>
Cc: bug-followup@freebsd.org
Subject: Re: bin/130300: netstat crash when params is incorrect
Date: Tue, 13 Jan 2009 01:02:06 +0000

 the fix from Ruslan Ermilov works for netstat -m foo.
 but I still think there MUST be a check for illegal params input.
 because in netstat -m foo, the live variable will be set 0 by mistake,
 there is no any reason to continue, because the further call kread
 will use illegal input: foo. we should stop at usage() when illegal
 params input is found. this will apply for all the params input not
 only -m foo, which will help reduce the possibility of the regression
 like -m foo.
 
 %%%
 Index:main.c
 
 =================================================
 --- main.c	2009-01-12 15:13:06.000000000 +0000
 +++ ../main.c	2009-01-12 15:32:14.000000000 +0000
 @@ -341,6 +341,7 @@
  int	af;		/* address family */
  int	live;		/* true if we are examining a live system */
 
 +
  int
  main(int argc, char *argv[])
  {
 @@ -463,28 +464,12 @@
  		default:
  			usage();
  		}
 -	argv += optind;
 -	argc -= optind;
 -
 -#define	BACKWARD_COMPATIBILITY
 -#ifdef	BACKWARD_COMPATIBILITY
 -	if (*argv) {
 -		if (isdigit(**argv)) {
 -			interval = atoi(*argv);
 -			if (interval <= 0)
 -				usage();
 -			++argv;
 -			iflag = 1;
 -		}
 -		if (*argv) {
 -			nlistf = *argv;
 -			if (*++argv)
 -				memf = *argv;
 -		}
 -	}
 -#endif
 -
 -	/*
 +    /*
 +     * Params should be parsed without error.
 +     * */
 +    if(*(argv += optind))
 +        usage();
 +    /*
  	 * Discard setgid privileges if not the running kernel so that bad
  	 * guys can't print interesting stuff from kernel memory.
  	 */
 %%%
 
 Thanks,
 Yonggang Li

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901130110.n0D1A25N039358>