From moncrg@bt340707.res.ray.com  Mon Dec  8 17:08:10 1997
Received: from gatekeeper.ray.com (gatekeeper.ray.com [138.125.162.1])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA07682
          for <FreeBSD-gnats-submit@freebsd.org>; Mon, 8 Dec 1997 17:08:09 -0800 (PST)
          (envelope-from moncrg@bt340707.res.ray.com)
Received: (mailer@localhost) by gatekeeper.ray.com (8.8.7/8.8.7) id UAA17678 for <FreeBSD-gnats-submit@freebsd.org>; Mon, 8 Dec 1997 20:08:04 -0500
Received: from bt340707.res.ray.com/138.125.142.35(<moncrg@bt340707.res.ray.com>)
	by gatekeeper.ray.com
	id sma.881605812.003373; Mon Dec  8 13:30:12 1997
Received: (from moncrg@localhost)
	by bt340707.res.ray.com (8.8.7/8.8.7) id NAA13280;
	Mon, 8 Dec 1997 13:22:30 -0500 (EST)
	(envelope-from moncrg)
Message-Id: <199712081822.NAA13280@bt340707.res.ray.com>
Date: Mon, 8 Dec 1997 13:22:30 -0500 (EST)
From: "Gregory D. Moncreaff" <moncrg@bt340707.res.ray.com>
Reply-To: moncrg@bt340707.res.ray.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: netstat sockaddr bogon
X-Send-Pr-Version: 3.2

>Number:         5256
>Category:       bin
>Synopsis:       netstat sockaddr bogon
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec  8 17:10:02 PST 1997
>Closed-Date:    Tue Apr 21 23:54:39 PDT 1998
>Last-Modified:  Tue Apr 21 23:54:53 PDT 1998
>Originator:     Gregory D. Moncreaff
>Release:        FreeBSD 2.2.5-RELEASE i386
>Organization:
RES
>Environment:


>Description:

truncates info in sockaddr* between kgetsa and p_sockaddr
by dereferencing pointer to smaller structure

>How-To-Repeat:

only visiable with larger sockaddrs (I'm working with resurrected
netiso code)

>Fix:

diffs to netstat/route.c:	
101c101,102
< typedef union {
---
>
> static union {
104,106c105
< } sa_u;
<
< static sa_u pt_u;
---
> } pt_u;
509c508
<       sa_u addr, mask;
---
>       struct sockaddr addr, mask;
517,524c516,523
<       bzero(&addr, sizeof addr);
<       if ((sa = kgetsa(rt_key(rt))))
<               bcopy(sa,&addr,sa->sa_len);
<
<       bzero(&mask, sizeof mask);
<       if (rt_mask(rt) && (sa = kgetsa(rt_mask(rt))))
<               bcopy(sa,&mask,sa->sa_len);
<
---
>       if (!(sa = kgetsa(rt_key(rt))))
>               bzero(&addr, sizeof addr);
>       else
>               addr = *sa;
>       if (!rt_mask(rt) || !(sa = kgetsa(rt_mask(rt))))
>               bzero(&mask, sizeof mask);
>       else
>               mask = *sa;        
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: phk 
State-Changed-When: Sun Apr 19 10:29:40 PDT 1998 
State-Changed-Why:  
please send us a context-diff, ie "diff -u" or "diff -c" 
State-Changed-From-To: feedback->closed 
State-Changed-By: phk 
State-Changed-When: Tue Apr 21 23:54:39 PDT 1998 
State-Changed-Why:  
committed, thanks! 
>Unformatted:
