]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commit
projects / ceph.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 520a5a2) | patch
msg/msg_types: fix the entity_addr_t's decoder 17699/head
authorKefu Chai <kchai@redhat.com>
Wed, 13 Sep 2017 14:55:58 +0000 (22:55 +0800)
committerKefu Chai <kchai@redhat.com>
Fri, 15 Sep 2017 09:26:19 +0000 (17:26 +0800)
commitaa83c2c42dd52c8b1d459386309491feccfea567
tree541dda157eddb22a99d4905db3b54e0a5f23765dtree | snapshot
parent520a5a218c68f00ac269e0fadf343f0aebef5dbdcommit | diff
msg/msg_types: fix the entity_addr_t's decoder

the daemon is vulnerable to malicious client, which is able to send
large elen, and corrupt the stack, etc.

* throw at seeing corrupted entity_addr_t where its elen exceeds
  the length of sockaddr
* handle the exception thrown when decoding entity_addr_t in messenger
  layer.
* if a malicious client manages to send a corrutped entity_addr_t to
  daemon, daemon will crash because decode fails and the exception is
  not handled. it's better than continuing working with the bogus
  message.

Signed-off-by: Kefu Chai <kchai@redhat.com>
src/msg/async/AsyncConnection.cc diff | blob | history
src/msg/msg_types.h diff | blob | history
src/msg/simple/Pipe.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.