[sane-devel] possible bin_w_string security issue (not)

Johannes Berg johannes@sipsolutions.net
Sat, 16 Oct 2004 14:34:41 +0200 

--=-yhkGcHckmX4ZO5PEvTHQ
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Hi,

> SIGPIPE (ok, I read your mail before answering) :-)

:-)

> Nearly any protocol violation from server or client can have strange
> results. That's one of the problems with the SANE net protocol.
>=20
> Also there are still many tests missing for a bad wire status (see bug
> #300105).

Will do.

> There may be other locations but at least here it tests for the wire
> status:

Hm. I guess you're right. Seems I missed it, or maybe I was writing this
when I looked at a different location? Sorry.

> I'm still not sure if I have understood all the details of the wire
> code. But I guess the idea was to have only one function for each kind
> of data. So you don't need one for the server and one for the client
> and one for ascii and one for bin and one for sending and one for
> receiving...

Yeah, and then it is also "overloaded" for freeing allocated data.

> They aren't. Only sane_cancel() must be async signal safe.
>=20
> Yes, I guess that's a bug.

Ok.

> Nobody should ever use sanei_wire/sanei_net/sanei_codec_* without
> really knowing what he does :-)

:-)

> But what should sanei_w_array do? It already exits when the wire is in
> bad state. I think that's really up to the caller.

Yes, but before exiting it should free the result buffer and NULL the
pointer. When the wire is in an invalid state during reading, it cannot
be guaranteed that the buffer is in a valid state, so should be
discarded.

johannes

--=-yhkGcHckmX4ZO5PEvTHQ
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Comment: Johannes Berg (SIP Solutions)

iQIVAwUAQXEVXaVg1VMiehFYAQLPOw/9E6+OseXpkvwWNMTenxSGxMF28XX/Rl71
s7sYiR4Fg9hdmPQDy0RtTkQrKspY6izzgn1aGlsH7H2eLw2pIF7yqW36vX2gQXWo
kwju+ZF+dIDLWjQ8ICiyuJFgYUNWxjZjDTfLhwe16ByGnVT+nWIx9ZbPYaB1KR0N
PmqH3M9G+s7oaZFh5zKtPiJA6kSBbsgpnhSDZpqzop+Rfe8vrFIPN7UTQS2PqZUx
20kMuH4CQu0ggpJ9yekIfzRdbBAZcHSCxKo7vTuupfratbbib9D2firVgW77aaNO
Lo3gnue+/TgxLJWeaBxrn/unL/q5U/YnNGhUgAsDBlGymjpZJV+ApOYHoVarv5XS
CbyYKKrszzhO8otxfkfA07v7QxqqpDw1CRE2tfxHqXyk2hmyVsy38AHrZOyevMGS
D2du8D63miUyVaU3dlGrjmcSxE7pohki9BpMjZ54hIEiF0zw2H9pC1/363KWNzl+
2rVZcrCmBQMrwoewepWGpvQBJiFZ9sxUkAmaQu/Jv3HEOQnsX8ZmQwKZpKy1qPHm
ARqx2Yex/OJ8R8ViKQfPjpRVyBvYfchle+XNRpJh+lbn2VGwh4KKWNGaaoFqdOJd
Ybwv5LTz7XtYFmR3IOssFp8BjrTULE5oezwrwCFLqyIJAGC64dGnkdTli6xlEp2E
h41UsBd5daQ=
=cJpn
-----END PGP SIGNATURE-----

--=-yhkGcHckmX4ZO5PEvTHQ--