diff options
author | Steffan Karger | 2016-03-03 10:22:48 +0100 |
---|---|---|
committer | Gert Doering | 2016-03-06 11:14:44 +0100 |
commit | e0b3fd49e2b5bba8cb57419a13cb75b56ac91b94 (patch) | |
tree | 433b8d535f82776696a564972d3030f041d88a08 /src/openvpn/fdmisc.h | |
parent | 13de0103ea361e2be24ab8b16f5be269c6ab7496 (diff) | |
download | openvpn-e0b3fd49e2b5bba8cb57419a13cb75b56ac91b94.zip openvpn-e0b3fd49e2b5bba8cb57419a13cb75b56ac91b94.tar.gz |
hardening: add safe FD_SET() wrapper openvpn_fd_set()
On many platforms (not Windows, for once), FD_SET() can write outside the
given fd_set if an fd >= FD_SETSIZE is given. To make sure we don't do
that, add an ASSERT() to error out with a clear error message when this
does happen.
This patch was inspired by remarks about FD_SET() from Sebastian Krahmer
of the SuSE Security Team.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456996968-29472-1-git-send-email-steffan.karger@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11285
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/fdmisc.h')
-rw-r--r-- | src/openvpn/fdmisc.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/openvpn/fdmisc.h b/src/openvpn/fdmisc.h index 4b6b6d0..13d6552 100644 --- a/src/openvpn/fdmisc.h +++ b/src/openvpn/fdmisc.h @@ -22,10 +22,26 @@ * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +#ifndef FD_MISC_H +#define FD_MISC_H + #include "basic.h" +#include "error.h" +#include "syshead.h" bool set_nonblock_action (int fd); bool set_cloexec_action (int fd); void set_nonblock (int fd); void set_cloexec (int fd); + +static inline void openvpn_fd_set(int fd, fd_set *setp) +{ +#ifndef WIN32 /* The Windows FD_SET() implementation does not overflow */ + ASSERT (fd >= 0 && fd < FD_SETSIZE); +#endif + FD_SET (fd, setp); +} +#undef FD_SET /* prevent direct use of FD_SET() */ + +#endif /* FD_MISC_H */ |