Zebediah Figura : server: Do not accept sizeof(struct WS_sockaddr_in6_old).

23 Jul 2021

Module: wine
Branch: master
Commit: d04c5f4b1bb52d8648d02ea19aec5957a05fe7e8
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=d04c5f4b1bb52d8648d02ea19...
Author: Zebediah Figura zfigura@codeweavers.com
Date:   Fri Jul 23 11:39:08 2021 -0500
server: Do not accept sizeof(struct WS_sockaddr_in6_old).
Signed-off-by: Zebediah Figura zfigura@codeweavers.com
Signed-off-by: Alexandre Julliard julliard@winehq.org
---
dlls/ws2_32/tests/afd.c | 29 +++++++++++++----------------
 server/sock.c           | 23 ++++++-----------------
 2 files changed, 19 insertions(+), 33 deletions(-)

diff --git a/dlls/ws2_32/tests/afd.c b/dlls/ws2_32/tests/afd.c
index c31d1def139..50922500859 100644
--- a/dlls/ws2_32/tests/afd.c
+++ b/dlls/ws2_32/tests/afd.c
@@ -1582,17 +1582,17 @@ static void test_bind(void)
     memcpy(&params->addr, &bind_addr6, sizeof(bind_addr6));
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
             params, params6_size - 1, &addr6, sizeof(addr6));
-    todo_wine ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
+    ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
memcpy(&params->addr, &bind_addr6, sizeof(bind_addr6));
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
             params, offsetof(struct afd_bind_params, addr) + sizeof(struct sockaddr_in6_old), &addr6, sizeof(addr6));
-    todo_wine ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
+    ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
memcpy(&params->addr, &bind_addr6, sizeof(bind_addr6));
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
             params, offsetof(struct afd_bind_params, addr.sa_data), &addr6, sizeof(addr6));
-    todo_wine ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
+    ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
memcpy(&params->addr, &bind_addr6, sizeof(bind_addr6));
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
@@ -1604,8 +1604,8 @@ static void test_bind(void)
             params, params6_size, &addr6, sizeof(addr6));
     todo_wine ok(ret == STATUS_PENDING, "got %#x\n", ret);
     ret = WaitForSingleObject(event, 0);
-    todo_wine ok(!ret, "got %#x\n", ret);
-    todo_wine ok(io.Status == STATUS_INVALID_ADDRESS_COMPONENT, "got %#x\n", io.Status);
+    ok(!ret, "got %#x\n", ret);
+    ok(io.Status == STATUS_INVALID_ADDRESS_COMPONENT, "got %#x\n", io.Status);
memcpy(&params->addr, &bind_addr6, sizeof(bind_addr6));
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
@@ -1615,7 +1615,7 @@ static void test_bind(void)
     memcpy(&params->addr, &bind_addr6, sizeof(bind_addr6));
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
             params, params6_size - 1, &addr6, sizeof(addr6) - 1);
-    todo_wine ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
+    ok(ret == STATUS_INVALID_ADDRESS, "got %#x\n", ret);
memcpy(&params->addr, &bind_addr6, sizeof(bind_addr6));
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
@@ -1629,15 +1629,12 @@ static void test_bind(void)
             params, params6_size, &addr6, sizeof(addr6));
     todo_wine ok(ret == STATUS_PENDING, "got %#x\n", ret);
     ret = WaitForSingleObject(event, 0);
-    todo_wine
-    {
-        ok(!ret, "got %#x\n", ret);
-        ok(!io.Status, "got %#x\n", io.Status);
-        ok(io.Information == sizeof(addr6), "got %#Ix\n", io.Information);
-        ok(addr6.sin6_family == AF_INET6, "got family %u\n", addr6.sin6_family);
-        ok(!memcmp(&addr6.sin6_addr, &bind_addr6.sin6_addr, sizeof(addr6.sin6_addr)), "address didn't match\n");
-        ok(!addr6.sin6_flowinfo, "got flow info %#x\n", addr6.sin6_flowinfo);
-    }
+    ok(!ret, "got %#x\n", ret);
+    ok(!io.Status, "got %#x\n", io.Status);
+    ok(io.Information == sizeof(addr6), "got %#Ix\n", io.Information);
+    ok(addr6.sin6_family == AF_INET6, "got family %u\n", addr6.sin6_family);
+    ok(!memcmp(&addr6.sin6_addr, &bind_addr6.sin6_addr, sizeof(addr6.sin6_addr)), "address didn't match\n");
+    ok(!addr6.sin6_flowinfo, "got flow info %#x\n", addr6.sin6_flowinfo);
     ok(addr6.sin6_port, "expected nonzero port\n");
/* getsockname() returns EINVAL here. Possibly the socket name is cached (in shared memory?) */
@@ -1645,7 +1642,7 @@ static void test_bind(void)
     ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io,
             IOCTL_AFD_GETSOCKNAME, NULL, 0, &addr6_2, sizeof(addr6_2));
     ok(!ret, "got %#x\n", ret);
-    todo_wine ok(!memcmp(&addr6, &addr6_2, sizeof(addr6)), "addresses didn't match\n");
+    ok(!memcmp(&addr6, &addr6_2, sizeof(addr6)), "addresses didn't match\n");
ret = NtDeviceIoControlFile((HANDLE)s, event, NULL, NULL, &io, IOCTL_AFD_BIND,
             params, params6_size, &addr6, sizeof(addr6));
diff --git a/server/sock.c b/server/sock.c
index cce91f5150d..cd77ff7bdca 100644
--- a/server/sock.c
+++ b/server/sock.c
@@ -311,7 +311,7 @@ static int sockaddr_from_unix( const union unix_sockaddr *uaddr, struct WS_socka
     {
         struct WS_sockaddr_in6 win = {0};
-        if (wsaddrlen < sizeof(struct WS_sockaddr_in6_old)) return -1;
+        if (wsaddrlen < sizeof(win)) return -1;
         win.sin6_family = WS_AF_INET6;
         win.sin6_port = uaddr->in6.sin6_port;
         win.sin6_flowinfo = uaddr->in6.sin6_flowinfo;
@@ -319,13 +319,8 @@ static int sockaddr_from_unix( const union unix_sockaddr *uaddr, struct WS_socka
 #ifdef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID
         win.sin6_scope_id = uaddr->in6.sin6_scope_id;
 #endif
-        if (wsaddrlen >= sizeof(struct WS_sockaddr_in6))
-        {
-            memcpy( wsaddr, &win, sizeof(struct WS_sockaddr_in6) );
-            return sizeof(struct WS_sockaddr_in6);
-        }
-        memcpy( wsaddr, &win, sizeof(struct WS_sockaddr_in6_old) );
-        return sizeof(struct WS_sockaddr_in6_old);
+        memcpy( wsaddr, &win, sizeof(win) );
+        return sizeof(win);
     }
#ifdef HAS_IPX
@@ -391,19 +386,14 @@ static socklen_t sockaddr_to_unix( const struct WS_sockaddr *wsaddr, int wsaddrl
     {
         struct WS_sockaddr_in6 win = {0};
-        if (wsaddrlen < sizeof(struct WS_sockaddr_in6_old)) return 0;
-        if (wsaddrlen < sizeof(struct WS_sockaddr_in6))
-            memcpy( &win, wsaddr, sizeof(struct WS_sockaddr_in6_old) );
-        else
-            memcpy( &win, wsaddr, sizeof(struct WS_sockaddr_in6) );
-
+        if (wsaddrlen < sizeof(win)) return 0;
+        memcpy( &win, wsaddr, sizeof(win) );
         uaddr->in6.sin6_family = AF_INET6;
         uaddr->in6.sin6_port = win.sin6_port;
         uaddr->in6.sin6_flowinfo = win.sin6_flowinfo;
         memcpy( &uaddr->in6.sin6_addr, &win.sin6_addr, sizeof(win.sin6_addr) );
 #ifdef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID
-        if (wsaddrlen >= sizeof(struct WS_sockaddr_in6))
-            uaddr->in6.sin6_scope_id = win.sin6_scope_id;
+        uaddr->in6.sin6_scope_id = win.sin6_scope_id;
 #endif
         return sizeof(uaddr->in6);
     }
@@ -462,7 +452,6 @@ static socklen_t sockaddr_to_unix( const struct WS_sockaddr *wsaddr, int wsaddrl
 #endif
case sizeof(struct WS_sockaddr_in6):
-        case sizeof(struct WS_sockaddr_in6_old):
             return sizeof(uaddr->in6);
         }

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Zebediah Figura : server: Do not accept sizeof(struct WS_sockaddr_in6_old).