Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin AT sources DOT redhat DOT com
Date: Wed, 1 Aug 2001 09:24:35 +0200
From: Corinna Vinschen <cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: BUG - 1.3.n accept fails if NULL sockaddr * argument and other related stuff.
Message-ID: <20010801092435.B9574@cygbert.vinschen.de>
Mail-Followup-To: cygwin AT cygwin DOT com
References: <00a201c11a39$a1b55c40$0cb4a8c0 AT brisbane DOT paradigmgeo DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <00a201c11a39$a1b55c40$0cb4a8c0@brisbane.paradigmgeo.com>; from miketh@brisbane.paradigmgeo.com on Wed, Aug 01, 2001 at 01:25:29PM +1000

On Wed, Aug 01, 2001 at 01:25:29PM +1000, Mike Thomas wrote:
> Hi there.
> 
> The following function (open source GIS package GRASS) dies when accept
> is called.  Replacing the NULL argument with a valid pointer stopped the
> crash.  I am told that "accept()" should be able to deal with a NULL
> argument - certainly this code works on several Unices.
> 
> ----------------------------------------------------------------------------
> ----------------------
> /* -----------------------------------------------------------------------
>  * G_sock_accept (int sockfd):
>  * Wrapper around the accept() function. No client info is returned, but
>  * that's not generally useful for local sockets anyway.  Function returns
>  * the file descriptor or an error code generated by accept().  Note,
>  * this call will usually block until a connection arrives.  You can use
>  * select() for a time out on the call.
>  * ---------------------------------------------------------------------*/
> 
> int
> G_sock_accept (int sockfd)
> {   
>     return accept (sockfd, (struct sockaddr *) NULL, NULL);
> }
> 
> ------------------------------------------------------------------------------------------------
> 
> Looking at the Cygwin source below, I see that if the length argument is too small
> it is corrected, but no similar check is made for the argument "peer".
> 
> ------------------------------------------------------------------------------------------------
> cygwin_accept (int fd, struct sockaddr *peer, int *len)
> {
>   int res = -1;
>   BOOL secret_check_failed = FALSE;
>   BOOL in_progress = FALSE;
>   sigframe thisframe (mainthread);
> 
>   fhandler_socket *sock = get (fd);
>   if (sock)
>     {
>       /* accept on NT fails if len < sizeof (sockaddr_in)
>        * some programs set len to
>        * sizeof (name.sun_family) + strlen (name.sun_path) for UNIX domain
>        */
>       if (len && ((unsigned) *len < sizeof (struct sockaddr_in)))
>         *len = sizeof (struct sockaddr_in);
> 
>       res = accept (sock->get_socket (), peer, len);  // can't use a blocking call inside a lock
> 
> ---------------------------------------------
> ---------------------------------------------------
> 
> 
> QUESTION:
> 
> Is the "accept()" call inside "cygwin_accept()" the winsock.dll "accept()"?

Yep.

> OTHER ISSUES:
> 
> I point these two out for attention from the Cygwin experts on socket
> implementation.
> 
> 1. socket.h does not include a type "socklen_t" which is apparently defined
> on some Unix platforms.
> 
> 2. Although not relevant to the code above, I noticed while looking in
> socket.h and friends that Cygwin provides sockaddr and sockaddr_un, which
> differ in terms of how much space is made for the name of the socket.  The
> sockaddr member sa_data is only very short (14 bytes, compared to
> UNIX_PATH_LEN for the sun_path member of sockaddr_un) which would not
> suffice for a long file name.  Unfortunately accept is defined in terms of
> sockaddr rather than sockaddr_un which could potentially cause string
> overwrites.

So, would you like to send us a patch?

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/