From Alain.Thivillon@hsc.fr  Tue Dec 10 07:56:57 2002
Return-Path: <Alain.Thivillon@hsc.fr>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 55B3737B401
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 10 Dec 2002 07:56:57 -0800 (PST)
Received: from itesec.hsc.fr (itesec.hsc.fr [192.70.106.33])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 597B743EC5
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 10 Dec 2002 07:56:56 -0800 (PST)
	(envelope-from Alain.Thivillon@hsc.fr)
Received: from khany.hsc.fr (khany.hsc.fr [192.70.106.104])
	by itesec.hsc.fr (Postfix) with ESMTP
	id CC5F720FF4; Tue, 10 Dec 2002 16:56:54 +0100 (CET)
Received: by khany.hsc.fr (Postfix, from userid 1000)
	id 51199F6A68; Tue, 10 Dec 2002 16:56:58 +0100 (CET)
Message-Id: <20021210155658.51199F6A68@khany.hsc.fr>
Date: Tue, 10 Dec 2002 16:56:58 +0100 (CET)
From: Alain Thivillon <at@rominet.net>
Reply-To: Alain Thivillon <at@rominet.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: at@rominet.net, roberto@keltia.freenix.org
Subject: call to getsockopt in libc/gen/getpeerid is bogus
X-Send-Pr-Version: 3.113
X-GNATS-Notify: ru

>Number:         46165
>Category:       bin
>Synopsis:       call to getsockopt in libc/gen/getpeerid is bogus
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    maxim
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Dec 10 08:00:07 PST 2002
>Closed-Date:    Mon Dec 23 02:28:05 PST 2002
>Last-Modified:  Mon Dec 23 02:28:05 PST 2002
>Originator:     Alain Thivillon
>Release:        FreeBSD 4.7-RELEASE-p2 i386
>Organization:
Rominet Networks
>Environment:
System: FreeBSD khany.hsc.fr 4.7-RELEASE-p2 FreeBSD 4.7-RELEASE-p2 #1: Sat Nov 30 14:37:59 CET 2002 at@khany.hsc.fr:/usr/obj/usr/src/sys/KHANY i386


>Description:

  call to getsockopt in libc/gen/getpeerid to get Unix Dgram socket 
  caller credentials is wrong. Option name LOCAL_PEERCRED is passed
  in second argument instead of third.
  
  As LOCAL_PEERCRED == SOCK_STREAM == 1, this bug has no influence.
  However, this is the only one usage of LOCAL_PEERCRED in /usr/src,
  this can seriously impact mental health of programmers looking for an
  example ...

>How-To-Repeat:

  Read code and documentation (getsockopt(2) and unix(4) on the same screen.

>Fix:


--- src/lib/libc/gen/getpeereid.c.orig	Sat Mar  9 06:23:56 2002
+++ src/lib/libc/gen/getpeereid.c	Tue Dec 10 16:49:00 2002
@@ -43,7 +43,7 @@
 	int error;
 
 	xuclen = sizeof(xuc);
-	error = getsockopt(s, LOCAL_PEERCRED, 1, &xuc, &xuclen);
+	error = getsockopt(s, SOCK_STREAM, LOCAL_PEERCRED, &xuc, &xuclen);
 	if (error != 0)
 		return (error);
 	if (xuc.cr_version != XUCRED_VERSION)

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->dd 
Responsible-Changed-By: ru 
Responsible-Changed-When: Tue Dec 10 11:04:04 PST 2002 
Responsible-Changed-Why:  
Over to a guilty party. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46165 

From: Ruslan Ermilov <ru@FreeBSD.org>
To: Alain Thivillon <at@rominet.net>
Cc: Dima Dorfman <dd@FreeBSD.org>, bug-followup@FreeBSD.org,
	roberto@keltia.freenix.org
Subject: Re: bin/46165: call to getsockopt in libc/gen/getpeerid is bogus
Date: Tue, 10 Dec 2002 21:03:36 +0200

 On Tue, Dec 10, 2002 at 04:56:58PM +0100, Alain Thivillon wrote:
 > 
 > >Description:
 > 
 >   call to getsockopt in libc/gen/getpeerid to get Unix Dgram socket 
 >   caller credentials is wrong. Option name LOCAL_PEERCRED is passed
 >   in second argument instead of third.
 >   
 >   As LOCAL_PEERCRED == SOCK_STREAM == 1, this bug has no influence.
 >   However, this is the only one usage of LOCAL_PEERCRED in /usr/src,
 >   this can seriously impact mental health of programmers looking for an
 >   example ...
 > 
 > >How-To-Repeat:
 > 
 >   Read code and documentation (getsockopt(2) and unix(4) on the same screen.
 > 
 > >Fix:
 > 
 > 
 > --- src/lib/libc/gen/getpeereid.c.orig	Sat Mar  9 06:23:56 2002
 > +++ src/lib/libc/gen/getpeereid.c	Tue Dec 10 16:49:00 2002
 > @@ -43,7 +43,7 @@
 >  	int error;
 >  
 >  	xuclen = sizeof(xuc);
 > -	error = getsockopt(s, LOCAL_PEERCRED, 1, &xuc, &xuclen);
 > +	error = getsockopt(s, SOCK_STREAM, LOCAL_PEERCRED, &xuc, &xuclen);
 >  	if (error != 0)
 >  		return (error);
 >  	if (xuc.cr_version != XUCRED_VERSION)
 > 
 Following the guidelines from getsockopt(2) manpage,
 the `level' argument should be 0, not SOCK_STREAM.
 It doesn't really matter because uipc_ctloutput() does
 not check sopt->sopt_level, and it probably should.
 
 Nice catch, by the way!
 
 
 Cheers,
 -- 
 Ruslan Ermilov		Sysadmin and DBA,
 ru@sunbay.com		Sunbay Software AG,
 ru@FreeBSD.org		FreeBSD committer,
 +380.652.512.251	Simferopol, Ukraine
 
 http://www.FreeBSD.org	The Power To Serve
 http://www.oracle.com	Enabling The Information Age
State-Changed-From-To: open->patched 
State-Changed-By: maxim 
State-Changed-When: Sun Dec 15 01:58:09 PST 2002 
State-Changed-Why:  
Fixed in rev. 1.5 src/lib/libc/gen/getpeereid.c. Thank you! 


Responsible-Changed-From-To: dd->maxim 
Responsible-Changed-By: maxim 
Responsible-Changed-When: Sun Dec 15 01:58:09 PST 2002 
Responsible-Changed-Why:  
Will MFC the fix in one week. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46165 
State-Changed-From-To: patched->closed 
State-Changed-By: maxim 
State-Changed-When: Mon Dec 23 02:25:54 PST 2002 
State-Changed-Why:  
Fixed in rev. 1.6 and rev. 1.4.2.2 src/lib/libc/gen/getpeereid.c 
in -CURRENT and -STABLE. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46165 
>Unformatted:
