diff options
| author | millert <> | 2019-11-04 17:33:28 +0000 |
|---|---|---|
| committer | millert <> | 2019-11-04 17:33:28 +0000 |
| commit | fa5fe6563928db24cc10e559d856643cc57ebc48 (patch) | |
| tree | 28f6f7ee13e4278d2a0dc580119bc9a58da98570 /src | |
| parent | 473ff9fa422864f3113673306b8f6147b53d2237 (diff) | |
| download | openbsd-fa5fe6563928db24cc10e559d856643cc57ebc48.tar.gz openbsd-fa5fe6563928db24cc10e559d856643cc57ebc48.tar.bz2 openbsd-fa5fe6563928db24cc10e559d856643cc57ebc48.zip | |
Fix an out of bound read/write when using a proxy.
From Lucas AT sexy DOT is. OK job@ kn@
Diffstat (limited to 'src')
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 26 | ||||
| -rw-r--r-- | src/usr.bin/nc/socks.c | 6 |
2 files changed, 21 insertions, 11 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index 503e9aa2b5..a53fe1c4cd 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: netcat.c,v 1.209 2019/10/24 12:48:54 job Exp $ */ | 1 | /* $OpenBSD: netcat.c,v 1.210 2019/11/04 17:33:28 millert Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> | 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> |
| 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. | 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. |
| @@ -705,8 +705,12 @@ main(int argc, char *argv[]) | |||
| 705 | 705 | ||
| 706 | fprintf(stderr, "Connection to %s", host); | 706 | fprintf(stderr, "Connection to %s", host); |
| 707 | 707 | ||
| 708 | /* if there is something to report, print IP */ | 708 | /* |
| 709 | if (!nflag && (strcmp(host, ipaddr) != 0)) | 709 | * if we aren't connecting thru a proxy and |
| 710 | * there is something to report, print IP | ||
| 711 | */ | ||
| 712 | if (!nflag && !xflag | ||
| 713 | && (strcmp(host, ipaddr) != 0)) | ||
| 710 | fprintf(stderr, " (%s)", ipaddr); | 714 | fprintf(stderr, " (%s)", ipaddr); |
| 711 | 715 | ||
| 712 | fprintf(stderr, " %s port [%s/%s] succeeded!\n", | 716 | fprintf(stderr, " %s port [%s/%s] succeeded!\n", |
| @@ -959,12 +963,17 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, | |||
| 959 | 963 | ||
| 960 | set_common_sockopts(s, res->ai_family); | 964 | set_common_sockopts(s, res->ai_family); |
| 961 | 965 | ||
| 962 | if ((herr = getnameinfo(res->ai_addr, res->ai_addrlen, ipaddr, | 966 | if (ipaddr != NULL) { |
| 963 | NI_MAXHOST, NULL, 0, NI_NUMERICHOST)) != 0) { | 967 | herr = getnameinfo(res->ai_addr, res->ai_addrlen, |
| 964 | if (herr == EAI_SYSTEM) | 968 | ipaddr, NI_MAXHOST, NULL, 0, NI_NUMERICHOST); |
| 969 | switch (herr) { | ||
| 970 | case 0: | ||
| 971 | break; | ||
| 972 | case EAI_SYSTEM: | ||
| 965 | err(1, "getnameinfo"); | 973 | err(1, "getnameinfo"); |
| 966 | else | 974 | default: |
| 967 | errx(1, "getnameinfo: %s", gai_strerror(herr)); | 975 | errx(1, "getnameinfo: %s", gai_strerror(herr)); |
| 976 | } | ||
| 968 | } | 977 | } |
| 969 | 978 | ||
| 970 | if (timeout_connect(s, res->ai_addr, res->ai_addrlen) == 0) | 979 | if (timeout_connect(s, res->ai_addr, res->ai_addrlen) == 0) |
| @@ -972,7 +981,8 @@ remote_connect(const char *host, const char *port, struct addrinfo hints, | |||
| 972 | 981 | ||
| 973 | if (vflag) { | 982 | if (vflag) { |
| 974 | /* only print IP if there is something to report */ | 983 | /* only print IP if there is something to report */ |
| 975 | if (nflag || (strncmp(host, ipaddr, NI_MAXHOST) == 0)) | 984 | if (nflag || ipaddr == NULL || |
| 985 | (strncmp(host, ipaddr, NI_MAXHOST) == 0)) | ||
| 976 | warn("connect to %s port %s (%s) failed", host, | 986 | warn("connect to %s port %s (%s) failed", host, |
| 977 | port, uflag ? "udp" : "tcp"); | 987 | port, uflag ? "udp" : "tcp"); |
| 978 | else | 988 | else |
diff --git a/src/usr.bin/nc/socks.c b/src/usr.bin/nc/socks.c index 5ec5c95cd6..9766be7da4 100644 --- a/src/usr.bin/nc/socks.c +++ b/src/usr.bin/nc/socks.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: socks.c,v 1.29 2019/07/29 15:19:03 benno Exp $ */ | 1 | /* $OpenBSD: socks.c,v 1.30 2019/11/04 17:33:28 millert Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1999 Niklas Hallqvist. All rights reserved. | 4 | * Copyright (c) 1999 Niklas Hallqvist. All rights reserved. |
| @@ -53,7 +53,7 @@ | |||
| 53 | #define SOCKS_DOMAIN 3 | 53 | #define SOCKS_DOMAIN 3 |
| 54 | #define SOCKS_IPV6 4 | 54 | #define SOCKS_IPV6 4 |
| 55 | 55 | ||
| 56 | int remote_connect(const char *, const char *, struct addrinfo); | 56 | int remote_connect(const char *, const char *, struct addrinfo, char *); |
| 57 | int socks_connect(const char *, const char *, struct addrinfo, | 57 | int socks_connect(const char *, const char *, struct addrinfo, |
| 58 | const char *, const char *, struct addrinfo, int, | 58 | const char *, const char *, struct addrinfo, int, |
| 59 | const char *); | 59 | const char *); |
| @@ -201,7 +201,7 @@ socks_connect(const char *host, const char *port, | |||
| 201 | if (authretry++ > 3) | 201 | if (authretry++ > 3) |
| 202 | errx(1, "Too many authentication failures"); | 202 | errx(1, "Too many authentication failures"); |
| 203 | 203 | ||
| 204 | proxyfd = remote_connect(proxyhost, proxyport, proxyhints); | 204 | proxyfd = remote_connect(proxyhost, proxyport, proxyhints, NULL); |
| 205 | 205 | ||
| 206 | if (proxyfd < 0) | 206 | if (proxyfd < 0) |
| 207 | return (-1); | 207 | return (-1); |