[PATCH] os/access: fix regression in server interpreted auth
Keith Packard
keithp at keithp.com
Tue Feb 17 13:24:29 PST 2015
Dave Airlie <airlied at gmail.com> writes:
> From: Dave Airlie <airlied at redhat.com>
>
> This was reported on irc on Fedora when rawhide went to 1.17.1.
>
> regression occured in: 2566835b4374edb3e5a8353d4f7c9e7ec4851c57
> os: Eliminate uninitialized value warnings from access.c
>
> siAddrMatch doesn't need addr to be a useful value, it checks
> some things like localuser without having an address at all.
>
> Signed-off-by: Dave Airlie <airlied at redhat.com>
Ok, auditing this took a bit of time, but I think things are reasonably
clear to me. The various siAddrMatch functions will all work fine with a
NULL addr as long as len is zero. And, the code paths to get here don't
obviously make sure this is always true, so I'd be happier if we just
made sure len and addr agreed about empty addresses:
diff --git a/os/access.c b/os/access.c
index 28f2d32..fe6e831 100644
--- a/os/access.c
+++ b/os/access.c
@@ -1390,14 +1390,23 @@ InvalidHost(register struct sockaddr *saddr, int len, ClientPtr client)
else
return 0;
}
+
+ /* An empty address requires both a NULL addr *and* a zero length
+ * as the address comparison functions call memcmp with both
+ * parameters. Make sure they agree here
+ */
+ if (addr == NULL)
+ len = 0;
+ if (len == 0)
+ addr = NULL;
for (host = validhosts; host; host = host->next) {
if (host->family == FamilyServerInterpreted) {
- if (addr && siAddrMatch(family, addr, len, host, client)) {
+ if (siAddrMatch(family, addr, len, host, client)) {
return 0;
}
}
else {
- if (addr && addrEqual(family, addr, len, host))
+ if (addrEqual(family, addr, len, host))
return 0;
}
--
-keith
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 810 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-devel/attachments/20150217/a5313232/attachment.sig>
More information about the xorg-devel
mailing list