From 779143cd94e1e1813a160d2ded682348f9b34ed4 Mon Sep 17 00:00:00 2001 From: "Martine S. Lenders" Date: Mon, 7 Sep 2020 09:15:27 +0200 Subject: [PATCH 1/2] tests/gnrc_sock_ip: add test case to test NULL pointer dereference --- tests/gnrc_sock_ip/main.c | 15 +++++++++++++-- tests/gnrc_sock_ip/tests/01-run.py | 3 ++- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/tests/gnrc_sock_ip/main.c b/tests/gnrc_sock_ip/main.c index 7a464b162409..5f365423e6b0 100644 --- a/tests/gnrc_sock_ip/main.c +++ b/tests/gnrc_sock_ip/main.c @@ -366,7 +366,7 @@ static void test_sock_ip_recv_buf__success(void) assert(_check_net()); } -static void test_sock_ip_send__EAFNOSUPPORT(void) +static void test_sock_ip_send__EAFNOSUPPORT_INET(void) { static const sock_ip_ep_t remote = { .addr = { .ipv6 = _TEST_ADDR_REMOTE }, .family = AF_INET }; @@ -376,6 +376,16 @@ static void test_sock_ip_send__EAFNOSUPPORT(void) expect(_check_net()); } +static void test_sock_ip_send__EAFNOSUPPORT_UNSPEC(void) +{ + static const sock_ip_ep_t remote = { .addr = { .ipv6 = _TEST_ADDR_REMOTE }, + .family = AF_UNSPEC }; + + expect(-EAFNOSUPPORT == sock_ip_send(NULL, "ABCD", sizeof("ABCD"), + _TEST_PROTO, &remote)); + expect(_check_net()); +} + static void test_sock_ip_send__EINVAL_addr(void) { static const sock_ip_ep_t local = { .addr = { .ipv6 = _TEST_ADDR_LOCAL }, @@ -641,7 +651,8 @@ int main(void) CALL(test_sock_ip_recv__non_blocking()); CALL(test_sock_ip_recv_buf__success()); _prepare_send_checks(); - CALL(test_sock_ip_send__EAFNOSUPPORT()); + CALL(test_sock_ip_send__EAFNOSUPPORT_INET()); + CALL(test_sock_ip_send__EAFNOSUPPORT_UNSPEC()); CALL(test_sock_ip_send__EINVAL_addr()); CALL(test_sock_ip_send__EINVAL_netif()); CALL(test_sock_ip_send__ENOTCONN()); diff --git a/tests/gnrc_sock_ip/tests/01-run.py b/tests/gnrc_sock_ip/tests/01-run.py index 9d661f3f38a6..a94f1b2a8060 100755 --- a/tests/gnrc_sock_ip/tests/01-run.py +++ b/tests/gnrc_sock_ip/tests/01-run.py @@ -30,7 +30,8 @@ def testfunc(child): child.expect_exact(u"Calling test_sock_ip_recv__unsocketed()") child.expect_exact(u"Calling test_sock_ip_recv__unsocketed_with_remote()") child.expect_exact(u"Calling test_sock_ip_recv__with_timeout()") - child.expect_exact(u"Calling test_sock_ip_send__EAFNOSUPPORT()") + child.expect_exact(u"Calling test_sock_ip_send__EAFNOSUPPORT_INET()") + child.expect_exact(u"Calling test_sock_ip_send__EAFNOSUPPORT_UNSPEC()") child.expect_exact(u"Calling test_sock_ip_send__EINVAL_addr()") child.expect_exact(u"Calling test_sock_ip_send__EINVAL_netif()") child.expect_exact(u"Calling test_sock_ip_send__ENOTCONN()") From 7d474841708cee9d8929383b0ab89ab99de4869f Mon Sep 17 00:00:00 2001 From: "Martine S. Lenders" Date: Mon, 7 Sep 2020 09:17:17 +0200 Subject: [PATCH 2/2] gnrc_sock_ip: fix NULL pointer dereference --- sys/net/gnrc/sock/ip/gnrc_sock_ip.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/net/gnrc/sock/ip/gnrc_sock_ip.c b/sys/net/gnrc/sock/ip/gnrc_sock_ip.c index c79cc7eda031..fa56c115e88f 100644 --- a/sys/net/gnrc/sock/ip/gnrc_sock_ip.c +++ b/sys/net/gnrc/sock/ip/gnrc_sock_ip.c @@ -194,7 +194,7 @@ ssize_t sock_ip_send(sock_ip_t *sock, const void *data, size_t len, gnrc_ep_set(&rem, remote, sizeof(rem)); } if ((remote != NULL) && (remote->family == AF_UNSPEC) && - (sock->remote.family != AF_UNSPEC)) { + (sock != NULL) && (sock->remote.family != AF_UNSPEC)) { /* remote was set on create so take its family */ rem.family = sock->remote.family; }