cellular-infrastructure
/
osmo-trx
mirror of https://gerrit.osmocom.org/osmo-trx
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

common: Restrict UDP binding to localhost only 

Reported security vulnerability where control and data UDP
packets can be injected into the transceiver externally due
to socket binding to all interfaces using INADDR_ANY.

Existing socket interface does not allow specifying local
address; only the local port and remote address/port are
arguments.

Restrict socket bind to localhost with INADDR_LOOPBACK. If
external interfaces do need to be used, the API should be
modified to allow specifying the local socket address.

Reported-by: Simone Margaritelli <simone@zimperium.com>
Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
This commit is contained in:
Tom Tsou 2016-04-28 21:24:53 -07:00
parent 047956259b
commit d4555f267e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CommonLibs/Sockets.cpp
View File

@ -269,7 +269,7 @@ void UDPSocket::open(unsigned short localPort)
size_t length = sizeof(address);
bzero(&address,length);
address.sin_family = AF_INET;
address.sin_addr.s_addr = INADDR_ANY;
address.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
address.sin_port = htons(localPort);
if (bind(mSocketFD,(struct sockaddr*)&address,length)<0) {
perror("bind() failed");