diff options
author | David 'Digit' Turner <digit@android.com> | 2011-07-07 04:46:27 +0200 |
---|---|---|
committer | David 'Digit' Turner <digit@android.com> | 2011-07-07 04:46:27 +0200 |
commit | afe299d6284ecb86ba5c073d2c969aedd86597db (patch) | |
tree | c400ca24b269b4d61297d0e99e4fd4cb8e6765ff /android | |
parent | 89329b3c3afc7f2c441b59cbf0658e6c8f688fea (diff) | |
download | external_qemu-afe299d6284ecb86ba5c073d2c969aedd86597db.zip external_qemu-afe299d6284ecb86ba5c073d2c969aedd86597db.tar.gz external_qemu-afe299d6284ecb86ba5c073d2c969aedd86597db.tar.bz2 |
hw-pipe-net.c: only support connecting to localhost ports.
Don't allow the 'tcp' pipe service to connect to anything other than
localhost IPv4 addresses, for security reasons.
Moreover, resolving host addresses is a blocking operation that
could freeze the emulation for significant time, which is not
acceptable.
Change-Id: I0151a4a72befdc9f1d1526e1f68ef99f0b9e4464
Diffstat (limited to 'android')
-rw-r--r-- | android/hw-pipe-net.c | 34 |
1 files changed, 4 insertions, 30 deletions
diff --git a/android/hw-pipe-net.c b/android/hw-pipe-net.c index 86a6182..951b4d3 100644 --- a/android/hw-pipe-net.c +++ b/android/hw-pipe-net.c @@ -373,40 +373,17 @@ void* netPipe_initTcp( void* hwpipe, void* _looper, const char* args ) { /* Build SockAddress from arguments. Acceptable formats are: - * * <port> - * <host>:<port> */ SockAddress address; + uint16_t port; void* ret; if (args == NULL) { D("%s: Missing address!", __FUNCTION__); return NULL; } - D("%s: Address is '%s'", __FUNCTION__, args); - - char host[256]; /* max size of regular FDQN+1 */ - int hostlen = 0; - int port; - const char* p; - - /* Assume that anything after the last ':' is a port number - * And that what is before it is a port number. Should handle IPv6 - * notation. */ - p = strrchr(args, ':'); - if (p != NULL) { - hostlen = p - args; - if (hostlen >= sizeof(host)) { - D("%s: Address too long!", __FUNCTION__); - return NULL; - } - memcpy(host, args, hostlen); - host[hostlen] = '\0'; - args = p + 1; - } else { - snprintf(host, sizeof host, "127.0.0.1"); - } + D("%s: Port is '%s'", __FUNCTION__, args); /* Now, look at the port number */ { @@ -415,12 +392,9 @@ netPipe_initTcp( void* hwpipe, void* _looper, const char* args ) if (end == NULL || *end != '\0' || val <= 0 || val > 65535) { D("%s: Invalid port number: '%s'", __FUNCTION__, args); } - port = (int)val; - } - if (sock_address_init_resolve(&address, host, port, 0) < 0) { - D("%s: Could not resolve address", __FUNCTION__); - return NULL; + port = (uint16_t)val; } + sock_address_init_inet(&address, SOCK_ADDRESS_INET_LOOPBACK, port); ret = netPipe_initFromAddress(hwpipe, &address, _looper); |