Re: [PATCH] Security: Validate response address, possibly related to CVE-2008-1447
>>> Verify if what I've just committed is actually what you intended.
>> I just reviewed the patch you committed:
>> It's effect on systems which _do_ support recvfrom() is what I intended,
>> but it doesn't do anything for systems which do not support recvfrom().
> Updated now:
Yep, that's good, you also need to fix setup_once.h, as of right now, if
recvfrom() is not found, it won't compile because of this segment:
* Currently recvfrom is only used on udp sockets.
#if !defined(RECVFROM_TYPE_ARG1) || \
!defined(RECVFROM_TYPE_ARG2) || \
!defined(RECVFROM_TYPE_ARG3) || \
!defined(RECVFROM_TYPE_ARG4) || \
!defined(RECVFROM_TYPE_ARG5) || \
!defined(RECVFROM_TYPE_ARG6) || \
#define sreadfrom(s,b,bl,f,fl) (ssize_t)recvfrom((RECVFROM_TYPE_ARG1) (s), \
(RECVFROM_TYPE_ARG2 *)(b), \
(RECVFROM_TYPE_ARG3) (bl), \
(RECVFROM_TYPE_ARG4) (0), \
(RECVFROM_TYPE_ARG5 *)(f), \
#else /* HAVE_RECVFROM */
#endif /* HAVE_RECVFROM */
The compiler will balk on the 'Error Missing_definition_of_macro_sreadfrom' ...
which obviously would make the change to ares_process.c moot ...
Received on 2008-08-26