Without this line, destination address for a UDD socket is left with
incorrect value AF_UNSPEC. Later on when calling DatagramSocket:write(),
sendto() fails with EINVAL.
This commit fixes test SocketsTest.cpp.
Change-Id: I6e1b7e743a781abdcf69aa9842b30be893633433
Current UDP receive reads up to MAX_UDP_LENGTH bytes into the
passed in buffer, which may lead to buffer overflow if the
write buffer is of insufficient size.
Add mandatory length argument to UDP socket receive calls.
Reported-by: Simone Margaritelli <simone@zimperium.com>
Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
Reported security vulnerability where control and data UDP
packets can be injected into the transceiver externally due
to socket binding to all interfaces using INADDR_ANY.
Existing socket interface does not allow specifying local
address; only the local port and remote address/port are
arguments.
Restrict socket bind to localhost with INADDR_LOOPBACK. If
external interfaces do need to be used, the API should be
modified to allow specifying the local socket address.
Reported-by: Simone Margaritelli <simone@zimperium.com>
Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
Pau Espin
Tom Tsou