From patchwork Tue Feb  7 13:11:42 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: LIU Hao <lh_mouse@126.com>
X-Patchwork-Id: 64442
Return-Path: <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id D7FAB3858C30
	for <patchwork@sourceware.org>; Tue,  7 Feb 2023 13:12:10 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org D7FAB3858C30
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1675775530;
	bh=Sn3RIB46CG2cPlNoa1C287V9n30JhWWpm27nP2nsfRw=;
	h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:
	 List-Help:List-Subscribe:From:Reply-To:From;
	b=jHWqAdpH/dH8DvHVKlI57ScCFT3i0J4uGfebb+FcY8H58E1dXMs8/sE068GqgdHT7
	 B1vaMy7mUsrrss9VQI2aMd5NGKKamzKcp1kke3oivXn5PtOa8R/1tsbPLzM937he6b
	 URN5SwOsn6t4pWS8m+Ly/vDxH1wfkJLc6JgQKuk4=
X-Original-To: libc-alpha@sourceware.org
Delivered-To: libc-alpha@sourceware.org
Received: from m126.mail.126.com (m126.mail.126.com [123.126.96.241])
 by sourceware.org (Postfix) with ESMTP id E0EE43858D33
 for <libc-alpha@sourceware.org>; Tue,  7 Feb 2023 13:11:47 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E0EE43858D33
Received: from [192.168.50.66] (unknown [116.236.172.42])
 by smtp12 (Coremail) with SMTP id fORpCgDHVi8OTuJjw5XMAg--.17994S2;
 Tue, 07 Feb 2023 21:11:43 +0800 (CST)
Message-ID: <162965eb-f84c-ca03-2cc1-dd895fbadcd6@126.com>
Date: Tue, 7 Feb 2023 21:11:42 +0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.7.1
To: libc-alpha@sourceware.org
Content-Language: en-US
Subject: `__if_nametoindex()` can leak an FD if its argument is too long
X-CM-TRANSID: fORpCgDHVi8OTuJjw5XMAg--.17994S2
X-Coremail-Antispam: 1Uf129KBjDUn29KB7ZKAUJUUUUU529EdanIXcx71UUUUU7v73
 VFW2AGmfu7bjvjm3AaLaJ3UbIYCTnIWIevJa73UjIFyTuYvjxU3sjjDUUUU
X-Originating-IP: [116.236.172.42]
X-CM-SenderInfo: 5okbz0xxvhqiyswou0bp/1tbiJhAPRlpD8Cp1qQAAsg
X-Spam-Status: No, score=-3133.4 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0,
 RCVD_IN_BARRACUDACENTRAL, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
X-Patchwork-Original-From: LIU Hao via Libc-alpha <libc-alpha@sourceware.org>
From: LIU Hao <lh_mouse@126.com>
Reply-To: LIU Hao <lh_mouse@126.com>
Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org
Sender: "Libc-alpha"
 <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>

Greetings, libc maintainers.

It looks like `if_nametoindex()` for Hurd can leak a socket descriptor if its argument string is too 
long. Patch attached.
---
Best regards,
LIU Hao

From 6ba2bc2fa7d01999a9c92953ca7d84146fe6c741 Mon Sep 17 00:00:00 2001
From: LIU Hao <lh_mouse@126.com>
Date: Tue, 7 Feb 2023 21:05:50 +0800
Subject: [PATCH] hurd: Don't lean the socket FD if argument to
 `__if_nametoindex()` is too long

---
 sysdeps/mach/hurd/if_index.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/sysdeps/mach/hurd/if_index.c b/sysdeps/mach/hurd/if_index.c
index a4472269b7..9b598a279d 100644
--- a/sysdeps/mach/hurd/if_index.c
+++ b/sysdeps/mach/hurd/if_index.c
@@ -32,10 +32,7 @@ unsigned int
 __if_nametoindex (const char *ifname)
 {
   struct ifreq ifr;
-  int fd = __socket (AF_INET, SOCK_DGRAM, 0);
-
-  if (fd < 0)
-    return 0;
+  int fd;
 
   if (strlen (ifname) >= IFNAMSIZ)
     {
@@ -43,6 +40,10 @@ __if_nametoindex (const char *ifname)
       return 0;
     }
 
+  fd = __socket (AF_INET, SOCK_DGRAM, 0);
+  if (fd < 0)
+    return 0;
+
   strncpy (ifr.ifr_name, ifname, IFNAMSIZ);
   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
     {
-- 
2.34.1