[src/netbsd-1-5]: src/sys/net Pullup 1.17 [sommerfeld]:

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-1-5]: src/sys/net Pullup 1.17 [sommerfeld]:
From: tv <tv%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 07:25:33 +0000

details:   https://anonhg.NetBSD.org/src/rev/ebeef668ef79
branches:  netbsd-1-5
changeset: 490272:ebeef668ef79
user:      tv <tv%NetBSD.org@localhost>
date:      Sun Nov 19 20:21:09 2000 +0000

description:
Pullup 1.17 [sommerfeld]:
Allow changing of settings via ioctl only for the superuser.
Fixes PR security/11524.

diffstat:

 sys/net/if_gif.c |  12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diffs (61 lines):

diff -r 3ff94c92a856 -r ebeef668ef79 sys/net/if_gif.c
--- a/sys/net/if_gif.c  Sat Nov 18 05:39:06 2000 +0000
+++ b/sys/net/if_gif.c  Sun Nov 19 20:21:09 2000 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_gif.c,v 1.10.4.2 2000/10/17 02:19:17 tv Exp $       */
+/*     $NetBSD: if_gif.c,v 1.10.4.3 2000/11/19 20:21:09 tv Exp $       */
 /*     $KAME: if_gif.c,v 1.34 2000/10/07 03:58:53 itojun Exp $ */
 
 /*
@@ -55,6 +55,7 @@
 #endif
 #include <sys/time.h>
 #include <sys/syslog.h>
+#include <sys/proc.h>
 #include <sys/protosw.h>
 #include <machine/cpu.h>
 
@@ -439,6 +440,7 @@
 #endif
        caddr_t data;
 {
+       struct proc *p = curproc;       /* XXX */
        struct gif_softc *sc  = (struct gif_softc*)ifp;
        struct ifreq     *ifr = (struct ifreq*)data;
        int error = 0, size;
@@ -457,6 +459,8 @@
        case SIOCADDMULTI:
        case SIOCDELMULTI:
 #if !(defined(__FreeBSD__) && __FreeBSD__ >= 3)
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                switch (ifr->ifr_addr.sa_family) {
 #ifdef INET
                case AF_INET:   /* IP supports Multicast */
@@ -484,6 +488,8 @@
                        mtu = *(short *)ifr->ifr_data;
 #else
                        u_long mtu;
+                       if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                               break;
                        mtu = ifr->ifr_mtu;
 #endif
                        if (mtu < GIF_MTU_MIN || mtu > GIF_MTU_MAX) {
@@ -498,6 +504,8 @@
 #ifdef INET6
        case SIOCSIFPHYADDR_IN6:
 #endif /* INET6 */
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                switch (cmd) {
                case SIOCSIFPHYADDR:
                        src = (struct sockaddr *)
@@ -612,6 +620,8 @@
 
 #ifdef SIOCDIFPHYADDR
        case SIOCDIFPHYADDR:
+               if ((error = suser(p->p_ucred, &p->p_acflag)) != 0)
+                       break;
                if (sc->gif_psrc) {
                        free((caddr_t)sc->gif_psrc, M_IFADDR);
                        sc->gif_psrc = NULL;

Prev by Date: [src/netbsd-1-5]: src/share/tmac Bump oS to NetBSD 1.5.1.
Next by Date: [src/netbsd-1-5]: src/distrib/miniroot Pullup 1.20 [pk]:
Previous by Thread: [src/netbsd-1-5]: src/share/tmac Bump oS to NetBSD 1.5.1.
Next by Thread: [src/netbsd-1-5]: src/distrib/miniroot Pullup 1.20 [pk]:
Indexes:

Home | Main Index | Thread Index | Old Index