From 8fc3d49346654877df2faae8ea91b008421bc2b0 Mon Sep 17 00:00:00 2001 From: Serhiy Storchaka Date: Fri, 4 Apr 2025 17:09:58 +0300 Subject: [PATCH] gh-132075: Fix possible use of sockaddr structures with uninitialized members (GH-132076) Now all structure members are initialized with zeroes by default. (cherry picked from commit 345baa77ba2ce3b8ea8f2fad84754e5cc0b10938) Co-authored-by: Serhiy Storchaka --- .../2025-04-04-16-22-03.gh-issue-132075.qMM5np.rst | 2 ++ Modules/socketmodule.c | 13 +++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 Misc/NEWS.d/next/Library/2025-04-04-16-22-03.gh-issue-132075.qMM5np.rst diff --git a/Misc/NEWS.d/next/Library/2025-04-04-16-22-03.gh-issue-132075.qMM5np.rst b/Misc/NEWS.d/next/Library/2025-04-04-16-22-03.gh-issue-132075.qMM5np.rst new file mode 100644 index 00000000000000..691ea5897ae156 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2025-04-04-16-22-03.gh-issue-132075.qMM5np.rst @@ -0,0 +1,2 @@ +Fix possible use of :mod:`socket` address structures with uninitialized +members. Now all structure members are initialized with zeroes by default. diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c index b8a503c9883a1d..e2afe508f5a78b 100644 --- a/Modules/socketmodule.c +++ b/Modules/socketmodule.c @@ -1779,6 +1779,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, assert(path.len >= 0); struct sockaddr_un* addr = &addrbuf->un; + memset(addr, 0, sizeof(struct sockaddr_un)); #ifdef __linux__ if (path.len == 0 || *(const char *)path.buf == 0) { /* Linux abstract namespace extension: @@ -1822,6 +1823,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, { int pid, groups; struct sockaddr_nl* addr = &addrbuf->nl; + memset(addr, 0, sizeof(struct sockaddr_nl)); if (!PyTuple_Check(args)) { PyErr_Format( PyExc_TypeError, @@ -1849,6 +1851,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, { unsigned int node, port; struct sockaddr_qrtr* addr = &addrbuf->sq; + memset(addr, 0, sizeof(struct sockaddr_qrtr)); if (!PyTuple_Check(args)) { PyErr_Format( PyExc_TypeError, @@ -1926,6 +1929,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, return 0; } struct sockaddr_in* addr = &addrbuf->in; + memset(addr, 0, sizeof(struct sockaddr_in)); result = setipaddr(s->state, host.buf, (struct sockaddr *)addr, sizeof(*addr), AF_INET); idna_cleanup(&host); @@ -1971,6 +1975,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, return 0; } struct sockaddr_in6* addr = &addrbuf->in6; + memset(addr, 0, sizeof(struct sockaddr_in6)); result = setipaddr(s->state, host.buf, (struct sockaddr *)addr, sizeof(*addr), AF_INET6); idna_cleanup(&host); @@ -2028,6 +2033,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, { const char *straddr; struct sockaddr_rc *addr = &addrbuf->bt_rc; + memset(addr, 0, sizeof(struct sockaddr_rc)); _BT_RC_MEMB(addr, family) = AF_BLUETOOTH; #ifdef MS_WINDOWS unsigned long channel; @@ -2054,6 +2060,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, case BTPROTO_HCI: { struct sockaddr_hci *addr = &addrbuf->bt_hci; + memset(addr, 0, sizeof(struct sockaddr_hci)); #if defined(__NetBSD__) || defined(__DragonFly__) const char *straddr; _BT_HCI_MEMB(addr, family) = AF_BLUETOOTH; @@ -2105,6 +2112,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, const char *straddr; struct sockaddr_sco *addr = &addrbuf->bt_sco; + memset(addr, 0, sizeof(struct sockaddr_sco)); _BT_SCO_MEMB(addr, family) = AF_BLUETOOTH; if (!PyBytes_Check(args)) { PyErr_Format(PyExc_OSError, @@ -2182,6 +2190,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, return 0; } struct sockaddr_ll* addr = &addrbuf->ll; + memset(addr, 0, sizeof(struct sockaddr_ll)); addr->sll_family = AF_PACKET; addr->sll_protocol = htons((short)protoNumber); addr->sll_ifindex = ifr.ifr_ifindex; @@ -2266,6 +2275,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, struct ifreq ifr; Py_ssize_t len; struct sockaddr_can *addr = &addrbuf->can; + memset(addr, 0, sizeof(struct sockaddr_can)); if (!PyTuple_Check(args)) { PyErr_Format(PyExc_TypeError, @@ -2318,6 +2328,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, unsigned long int rx_id, tx_id; struct sockaddr_can *addr = &addrbuf->can; + memset(addr, 0, sizeof(struct sockaddr_can)); if (!PyArg_ParseTuple(args, "O&kk", PyUnicode_FSConverter, &interfaceName, @@ -2365,6 +2376,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, uint8_t j1939_addr; struct sockaddr_can *addr = &addrbuf->can; + memset(addr, 0, sizeof(struct sockaddr_can)); if (!PyArg_ParseTuple(args, "O&KIB", PyUnicode_FSConverter, &interfaceName, @@ -2417,6 +2429,7 @@ getsockaddrarg(PySocketSockObject *s, PyObject *args, case SYSPROTO_CONTROL: { struct sockaddr_ctl *addr = &addrbuf->ctl; + memset(addr, 0, sizeof(struct sockaddr_ctl)); addr->sc_family = AF_SYSTEM; addr->ss_sysaddr = AF_SYS_CONTROL; pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy